US Pat. No. 10,367,988

DATA PROCESSING SYSTEM EXECUTING PREDETERMINED DATA PROCESSING BY PLURALITY OF APPARATUSES LINKING

CASIO COMPUTER CO., LTD.,...

1. A data processing system comprising a peripheral apparatus which provides a predetermined function and a central apparatus which utilizes the function provided by the peripheral apparatus, wherein the data processing system executes predetermined data processing through the peripheral apparatus and the central apparatus,wherein the peripheral apparatus comprises:
first communication circuitry which, in a case of not establishing a communication connection with any central apparatus, (i) sends an advertising signal that notifies other apparatuses of its own existence and its own function by way of broadcast communication, (ii) establishes a communication connection with a central apparatus that responds to the advertising signal, and (iii) performs communication control by way of a first communication method that maintains a communication connection by performing communication periodically with the central apparatus having established the communication connection; and
a CPU that executes the predetermined data processing by linking with the central apparatus,
wherein the central apparatus comprises:
first communication circuitry which (i) detects an advertising signal sent by the peripheral apparatus, (ii) establishes a communication connection by way of the first communication method with the peripheral apparatus in a case in which the function indicated by the advertising signal is a desired function, and (iii) performs communication control by way of the first communication method to maintain a communication connection by performing communication periodically with the peripheral apparatus having established the communication connection; and
a CPU which executes the predetermined data processing by linking with the peripheral apparatus,
wherein the first communication circuitry of the peripheral apparatus and the first communication circuitry of the central apparatus maintain a communication connection by performing communication periodically, even in a case in which the peripheral apparatus and the central apparatus are not in a predetermined operation state capable of executing the predetermined data processing,
wherein in the case of not being in the predetermined operation state,
the central apparatus starts an application program, from a state of not running the application program, by receiving predetermined signals via the first communication circuitry from the peripheral apparatus, the application program having a function which causes the peripheral apparatus and the central apparatus to be in the predetermined operation state,
the CPU of the peripheral apparatus and the CPU of the central apparatus cause the peripheral apparatus and the central apparatus to link to each other, and
the CPU of the peripheral apparatus and the CPU of the central apparatus cause execution of the predetermined data processing to start, after causing the transition to the predetermined operation state by operation of the application program,
wherein the peripheral apparatus is an imaging device having an image capture function,
wherein the central apparatus is an information terminal having an image management function, and
wherein the predetermined data processing is processing to send an image captured by the imaging device to the information terminal, and causing the image sent to be managed in the information terminal,
wherein the CPU of the information terminal:
causes an image management program required in execution of the predetermined data processing to transition to an execution stop state of temporarily stopping execution, while maintaining a communication connection by the first communication circuitry,
causes the image management program that is in the execution stop state to transition to an execution state, in a case of receiving a predetermined signal from the imaging device via the first communication circuitry, and
executes processing to receive and manage an image sent from the imaging device, according to the image management program having transitioned to the execution state
wherein the CPU of the information terminal causes the image management program to execute in the background while maintaining a communication connection by the first communication circuitry, and in a case of exceeding an time limit for background execute defined by an operating system and continuously executing the image management program, causes the image management program to transition to an execution stop state, and
wherein the CPU of the imaging device sends a predetermined signal via the first communication circuitry to cause the image management program that is in the execution stop state to transition to the execution state, every time execution of the predetermined data processing is interrupted due to the information terminal causing the image management program to transition to the execution stop state due to a time limit of background execution according to the operating system, and then causes execution of the predetermined data processing that is interrupted to restart.

US Pat. No. 10,367,987

SYSTEM AND METHOD FOR SENSOR-DRIVEN AUTOMATIC DEVICE INTERACTION

SMPL Inc., Austin, TX (U...

1. A system for directing an image capture device based on motion comprising:a device direction computer comprising at least a processor, a memory, and a plurality of programmable instructions stored in the memory and operating on the processor, wherein the programmable instructions, when operating on the processor, cause the processor to determine a threshold for device direction comprising:
a plurality of hardware sensors;
a sensor aggregator for analyzing sensor data;
a polling module communicatively connected to the plurality of hardware sensors;
a threshold calculator;
wherein the sensor aggregator is operable to a receive a plurality of motion points from the polling module;
wherein the threshold calculator is operable to iteratively:
calculate a weighted average of motion data, using the plurality of motion points, over a last interval, wherein the weighted average is based on a length of the last interval;
calculate a motion threshold;
set a motion threshold based on comparisons the weighted average of motion data to the motion threshold;
directing the device.

US Pat. No. 10,367,986

FEEDBACK FOR A PRIVACY INDICATOR ON A SECURITY CAMERA

Amazon Technologies, Inc....

1. A camera system comprising:an indicator light, wherein the indicator light emits a light based at least in part on an activation signal;
a camera configured to capture images, wherein a field of view of the camera detects at least a portion of the light emitted by the indicator light;
a non-transitory computer-readable memory storing executable instructions; and
one or more computer processors in communication with the non-transitory computer-readable memory, the camera and the indicator light, wherein the one or more computer processors are configured to execute the executable instructions to at least:
generate a random number;
determine a brightness level for encoding at least a portion of the random number;
transmit, to the indicator light, the activation signal to activate the indicator light at the brightness level;
receive, from the camera, an image captured while the indicator light is expected to emit the light at the brightness level;
detect a brightness for at least a portion of pixels included in the image;
compare the brightness to a threshold to determine a first encoded value;
determine that the first encoded value encodes a number, wherein the number is different from the at least the portion of the random number; and
disable the camera in response to determining the number is different from the at least the portion of the random number.

US Pat. No. 10,367,985

WEARABLE APPARATUS AND METHOD FOR PROCESSING IMAGES INCLUDING PRODUCT DESCRIPTORS

OrCam Technologies Ltd., ...

1. A wearable apparatus for processing images including a product descriptor, the wearable apparatus comprising:a wearable image sensor configured to capture a plurality of images from an environment of a user of the wearable apparatus; and
at least one processor programmed to:
analyze the plurality of images to identify one or more of the plurality of images that include an occurrence of the product descriptor;
determine statistical information associated with the product descriptor including a purchase history or a preference related to the product;
based on analysis of the one or more identified images, determine contextual information associated with the product descriptor, wherein the contextual information includes information about a person in the environment of the product descriptor; and
transmit the contextual information and an identifier of the product descriptor to a server.

US Pat. No. 10,367,984

METHOD OF FORMING CAMERA MODULE FOR VEHICULAR VISION SYSTEM

MAGNA ELECTRONICS INC., ...

1. A method of forming a camera module for a vision system for a vehicle, said method comprising:providing a circuit board, wherein the circuit board has an imager and associated circuitry disposed thereat;
providing a lens holder for holding a lens assembly, the lens assembly including a plurality of optical elements;
disposing an adhesive in an uncured state at one or both of the lens holder and the circuit board;
positioning the lens holder at the circuit board with the uncured adhesive disposed between and contacting the lens holder and the circuit board;
optically aligning the plurality of optical elements with the imager at the circuit board;
with the plurality of optical elements optically aligned with the imager at the circuit board, and with the adhesive between and contacting the lens holder and the circuit board, forming a lens holder and circuit board construction by curing the adhesive to an at least partially cured state to secure the lens holder relative to the circuit board;
with the adhesive cured to the at least partially cured state, placing the lens holder and circuit board construction in a first mold, wherein, when placing the lens holder and circuit board construction in the first mold, the lens holder and circuit board construction is datumed in the first mold by a portion of the lens holder;
forming an inner molded construction by molding, using a first polymeric resin, an inner molding over and around the circuit board and over a portion of the lens holder;
placing the inner molded construction in a second mold, wherein, when placing the inner molded construction in the second mold, the inner molded construction is datumed in the second mold by the portion of the lens holder; and
forming an outer molded construction by molding, using a second polymeric resin, an outer molding over the inner molding and over another portion of the lens holder to encase the inner molding.

US Pat. No. 10,367,983

CAMERA MODULE AND ARRAY CAMERA MODULE WITH CIRCUIT BOARD UNIT AND PHOTOSENSITIVE UNIT AND MANUFACTURING METHOD THEREOF

Ningbo Sunny Opotech Co.,...

1. A photosensitive unit for a camera module comprising at least a camera lens, comprising:a photosensitive portion which comprises a circuit board including a main circuit board and one or more circuit elements, at least a photosensitive sensor which is provided on said circuit board and has a photosensitive area and a non-photosensitive area positioned around a periphery of said photosensitive area, and one or more connecting elements electrically connecting said main circuit board to said non-photosensitive area of said photosensitive sensor;
an encapsulation portion which is integrally molded to form a support on said main circuit board and extended to said non-photosensitive area of said photosensitive sensor so as to overlappedly affix said photosensitive sensor on said main circuit board by means of molding, said encapsulation portion being protrudingly formed on said non-photosensitive area and surrounding said photosensitive area of said photosensitive sensor to form a lower covering section, an upper installing section and at least an annular inclined inner wall upwardly and outwardly extending from said non-photosensitive area of said photosensitive sensor to said installing section to define a window above said photosensitive area of said photosensitive sensor, wherein said window gradually reduces a size thereof from top to bottom to define a larger upper size and a smaller lower size so as to enable said photosensitive sensor receiving more light, wherein said covering section of said encapsulation portion is molded to have an integral enclosure connection with said main circuit board and to cover, encapsulate and wrap up said circuit elements and said connecting elements, wherein said installing section is adapted for enabling the camera lens to be installed thereon and aligned at a photosensitive path of said photosensitive sensor and positioned above said window, wherein a top surface of said installing section is molded to an even and flat manner for facilitating an installing of the camera lens and ensuring one or more lenses of the camera lens being parallel to said photosensitive area of said photosensitive sensor, wherein said installing section of said encapsulation portion has at least an annular installing groove provided on top of said encapsulation portion and communicated with said window to provide an adequate installation space for installing an optical filter therein so as to ensure a top surface of the optical filter mounted on said installing groove being not protruded on top surface of said encapsulation portion; and
a motor unit mounted on said top surface of said encapsulation portion and electrically connected to said main circuit board.

US Pat. No. 10,367,982

CAMERA MODULE

LG INNOTEK CO., LTD., Se...

1. A lens driving device comprising:a first mover comprising a bobbin and a first coil disposed on the bobbin;
a second mover comprising a housing and a magnet coupled with the housing;
a stator comprising a first substrate and a second coil disposed on the first substrate; and
a base disposed under the first substrate;
wherein the bobbin comprises a stopper protruding from a side surface of the bobbin in a direction perpendicular to an optical axis,
wherein the stopper comprises a groove portion formed in a bottom surface of the stopper,
wherein the groove portion of the stopper of the bobbin is overlapped with the second mover downwardly along the optical axis, and
wherein a distal end of the stopper is spaced apart a predetermined distance from an inner wall of a groove in the housing.

US Pat. No. 10,367,980

CAMERA DEVICE INTEGRATED WITH LIGHT SOURCE AND METHOD FOR CAPTURING IMAGES

1. A camera device, comprising:a cover assembly, comprising a lower cover comprising a lower housing and a lower securing board; and an upper cover, comprising an upper housing and an upper securing board, and coupled to said lower cover, wherein said lower housing and said upper housing are assembled to a front housing, and wherein said front housing defines an opening;
a battery located between said lower securing board and upper securing board;
a solar panel located upon an upper portion of said upper securing board and electrically coupled to said battery; and
a camera assembly, located within said front housing and comprising a printed circuit board (PCB) electrically coupled to said battery; a proximity detector located upon a front side of said printed circuit board (PCB) toward said opening of said front housing for detecting objects proximate to said camera assembly; a light source for emitting light, located upon a front side portion of said printed circuit board (PCB), and comprising a plurality of light emitting diode (LED) lamps arranged in a circular array; a camera module for taking photographs, electrically coupled to said printed circuit board (PCB), and located upon a front side portion of said printed circuit board(PCB); and a memory card for storing recording data from said camera module; and a wireless module for transmitting data to other devices;
wherein said printed circuit board (PCB), said proximity detector, said light source, said camera module, said memory card, and said wireless module are all housed within said front housing of said cover assembly; and
a lens covering said opening defined within said front housing of said cover assembly so as to prevent light emitted from said light source from being scattered.

US Pat. No. 10,367,977

BIDIRECTIONAL SYNCHRONIZING CAMERA, CAMERA SYSTEM INCLUDING THE SAME AND METHOD OF OPERATING THE CAMERA

Samsung Electronics Co., ...

15. A device comprising:a plurality of cameras, each of the plurality of cameras being configured to,
generate a first transmission synchronization signal,
receive at least one a second transmission synchronization signal from at least another one of the plurality of cameras, and
adjust a timing of the first transmission synchronization signal based on a timing difference between the first transmission synchronization signal and the second transmission synchronization signal.

US Pat. No. 10,367,976

SINGLE IMAGE HAZE REMOVAL

The United States of Amer...

1. A method for single image haze removal, comprising the steps of:receiving, at a memory device, an input image having pixels, wherein the input image is a color image having three color channels;
converting, by a processor, each pixel in each channel of the input image to a floating-point value in a range of zero to one;
performing, by the processor, a brightness correction on the converted input image;
estimating, by the processor, an airlight value for the brightness-corrected input image, wherein the estimating step includes the step of computing a weighted average of the estimated airlight for each color channel for frames of a video according to equation:
A=((A+19·Aprev))/20
wherein A is the estimated airlight for a current frame, and Aprev is a weighted airlight value that is updated each frame to value A, and wherein the input image is a frame of the video,
wherein the estimating step includes the step of reducing each of said pixels to a minimum value of the one or more color channels, thus resulting in a two-dimensional image, and
wherein the estimating step further includes the steps of moving a window of a predetermined number of pixels across the 2D image pixel-by-pixel; and replacing each pixel with the minimum value found in said window of a predetermined number of pixels;
calculating, by the processor, a transmission map for one or more color channels of the brightness-corrected input image;
refining the transmission map for each said one or more color channels; and
providing, by the processor, a haze-reduced image to the memory device.

US Pat. No. 10,367,975

COLORIMETRIC CHART CREATING APPARATUS, COLORIMETRIC CHART CREATING METHOD, AND PROGRAM

Konica Minolta, Inc., Ch...

1. A colorimetric chart creating apparatus comprisinga hardware processor that:
groups a plurality of patches having different colors and to be arrayed in a colorimetric chart such that patches having respective overlapping error ranges of color reproducibility which overlap with one another belong to a same group;
determines an arrangement order of the plurality of patches such that an arrangement order of the groups expresses desired information; and
creates print data of the colorimetric chart in which the plurality of patches is arrayed in the determined arrangement order.

US Pat. No. 10,367,974

IMAGE PROCESSING APPARATUS, IMAGE PROCESSING METHOD, PROGRAM, AND ENDOSCOPE SYSTEM

SONY CORPORATION, Tokyo ...

1. An image processing apparatus comprising:a camera head;
a display; and
a camera controller including a signal processor configured to
generate one or more histograms of pixel values for an input image biased to a specific color system, the input image being received via the camera head,
detect a foreign object from the input image based upon a comparison of each of the one or more generated histograms and a corresponding standard histogram obtained according to statistics of an image biased to the specific color system,
correct each of the one or more generated histograms by obtaining a product of each of the one or more generated histograms and the corresponding standard histogram by weight, wherein pixel values corresponding to the detected foreign object are subtracted from each of the one or more generated histograms,
arrange a point of a grid in a color space of a 3D-LUT based upon the one or more corrected generated histograms, the arrangement of the point of the grid being based upon a frequency, in each of the one or more corrected generated histograms, of pixel values of one or more components of the color space of the 3D-LUT,
generate a color conversion parameter based upon the arrangement of the point of the grid in the color space of the 3D-LUT for a color conversion process on the input image, and
control display of an output image on the display based upon the color conversion process on the input image, wherein
the one or more components of the color space of the 3D-LUT include a hue component, a saturation component, and a luminance component,
the color conversion parameter defines a displacement parameter of the point of the grid in the color space of the 3D-LUT, and
a subsequent arrangement of the grid in the color space of the 3D-LUT is based upon the displacement parameter.

US Pat. No. 10,367,973

IMAGE FORMING APPARATUS, AND CONTROL METHOD OF IMAGE FORMING APPARATUS

Canon Kabushiki Kaisha, ...

1. An image processing apparatus comprising:one or more memories that store first language information associated with a first user and second language information associated with a second user;
a display that displays an operation screen; and
one or more processors that operate to:
receive a login request from a user;
cause the display to display a first operation screen using the first language information stored in association with the first user according to the login of the first user to the image processing apparatus;
cause the first user to log out of the image processing apparatus according to receipt of a login request from the second user while the first user is logging in to the image processing apparatus; and
cause the display to switch from the display of the first operation screen to a display of a second operation screen using the second language information stored in association with the second user according to the login of the second user to the image processing apparatus.

US Pat. No. 10,367,972

INFORMATION PROCESSING APPARATUS, COMPUTER READABLE MEDIUM AND INFORMATION PROCESSING METHOD

FUJI XEROX CO., LTD., To...

1. An information processing apparatus comprising:an operation panel that displays a manipulation image for manipulation of the information processing apparatus and that receives a user manipulation, the operation panel including a short range communication unit that is equipped with a circuit for short-range wireless communication and that is connected to a plurality of user terminals that are external devices for the information processing apparatus;
a scanner for reading an image from a document;
an optical sensor that detects the document set in the scanner;
an authentication right managing unit that checks rights of users using the user terminals; and
a CPU that, in a case where a plurality of users log in through the user terminals, (i) controls a first image reading manipulation for assigning a right to use the scanner to the operation panel when the optical sensor detects the document set in the scanner and (ii) controls a second image reading manipulation for assigning the right to use the scanner to one of the user terminals in case short-range wireless communication between the short-range communication unit and the one of the user terminals is made after start of the first image reading manipulation.

US Pat. No. 10,367,971

IMAGE PROCESSING APPARATUS DETECTING TONER PEELING AREA ON CREASE IN DOCUMENT AND CORRECTING PIXEL DATA

Kyocera Document Solution...

1. An image processing apparatus, comprising:a crease detecting unit that detects a crease in a document image; and
a toner peeling detecting unit that (a) detects as a toner peeling part a pixel area on the crease, the pixel area (a1) having a width of the predetermined number of pixels in a direction perpendicular to the crease, (a2) having a background color, and (a3) of which both sides are adjacent to at least two pixels in a direction perpendicular to the crease, the at least two pixels having a color other than the back ground color, and (b) corrects a pixel value of the toner peeling part on the basis of pixel values of at least two pixels adjacent to both sides of the pixel area.

US Pat. No. 10,367,970

IMAGE FORMING APPARATUS, RECORDING MEDIUM, AND IMAGE FORMING SYSTEM

KONICA MINOLTA, INC., To...

1. An image forming apparatus comprising:a hardware communication interface capable of communication over a plurality of frequency bands; and
a hardware controller configured to determine whether content of communication, received from a remote computing device via the hardware communication interface, satisfies a predetermined condition, wherein
the hardware controller is configured to execute control for switching a frequency band of communication via the hardware communication interface to another frequency band of the plurality of frequency bands when the content of communication of the hardware communication interface satisfies the predetermined condition.

US Pat. No. 10,367,969

MANAGEMENT SYSTEM, IMAGE FORMING APPARATUS, MANAGEMENT SERVER, AND RECORDING MEDIUM

Kyocera Document Solution...

1. A management system comprising:an image forming apparatus; and
a management server that manages the image forming apparatus; wherein
the image forming apparatus comprises a storage device which stores connection type information indicative of whether a constant connection with the management server is permissible or not
the image forming apparatus is configured to switch the constant connection with the management server by a protocol for the constant connection between enabling and disabling,
the image forming apparatus transmits the connection type information to the management server via a temporal connection with the management server by a protocol for the temporal connection;
the management server receives the connection type information;
i) when the received connection type information indicates that the constant connection is permissible, the constant connection is established between the management server and the image forming apparatus, and ii) when the received connection type information indicates that the constant connection is not permissible, the constant connection is not established between the management server and the image forming apparatus;
the management server transmits an operation content to the image forming apparatus via the constant connection;
the image forming apparatus (i) receives the operation content, (ii) executes a process according to the received operation content, and (iii) transmits a result of the process to the management server via the constant connection, and
the management server receives the result of the process via the constant connection.

US Pat. No. 10,367,968

METHODS AND SYSTEMS FOR AUTOMATICALLY DETECTING AND VALIDATING END-USER PRINT-RELATED PROCESSING USING PRINT DEVICE INFORMATION

Xerox Corporation, Norwa...

1. A method of identifying end-user processes in a print environment, the method comprising:receiving, by an electronic device, job data corresponding to one or more jobs that have been processed by one or more print devices in a print environment over a time period;
identifying, from the received job data, a plurality of processing operations initiated by a user during the time period, wherein each processing operation is a function performed by one or more of the print devices on one or more print jobs, wherein each processing operation is associated with a timestamp;
identifying a first processing operation from the plurality of processing operations, wherein the first processing operation is associated with a first-occurring timestamp;
identifying a second processing operation from the plurality of processing operations, wherein the second processing operation is associated with a timestamp that next follows the first-occurring timestamp;
determining whether the timestamp of the second processing operation is within a second time period from the first-occurring timestamp;
in response to determining that the timestamp of the second processing operation is within the second time period from the first-occurring timestamp, generating, by the electronic device, a digital representation of an end user process that includes:
the first processing operation,
the second processing operation, and
an indication of a user who initiated or performed one or more of the first processing operation or the second processing operation; and
presenting a visual representation of the end user process to the user via a graphical user interface for verification, wherein the visual representation includes:
an indication of one or more of the first processing operation or the second processing operation, and
an approximate location of where the one or more of the first processing operation or the second processing operation was performed.

US Pat. No. 10,367,966

IMAGE READING DEVICE AND IMAGE DATA TRANSMISSION METHOD

BROTHER KOGYO KABUSHIKI K...

1. An image reading device, comprising:an image reader configured to read an image on an original document and generate image data corresponding to the image on the original document;
a communication interface configured to communicate with a first external device and a second external device;
a storage; and
a controller,
wherein, when the first external device and the second external device are designated as transmission destinations of the image data, the controller is configured to:
control the image reader to read the image on the original document and generate the image data;
store the image data generated in the storage with assigning an initial data name to the image data;
control the communication interface to:
transmit a first list request, to the first external device, requesting to transmit a first list to the image reading device, the first list being a list of data names regarding image data stored in the first external device;
transmit a second list request, to the second external device, requesting to transmit a second list to the image reading device, the second list being a list of data names regarding image data stored in the second external device;
receive the first list transmitted from the first external device;
receive the second list transmitted from the second external device;
determine whether a data name that is a same as the initial data name of the image data stored in the storage is included in at least one of the first list and the second list;
change the initial data name of the image data stored in the storage to an other data name different from the initial data name when it is determined that the data name that is the same as the initial data name of the image data stored in the storage is included in at least one of the first list and the second list;
determine whether the other data name of the image data is included in at least one of the first list and the second list;
when it is determined that the other data name is included in at least one of the first list and the second list, the controller does not transmit the image data with the other data name when a condition occurs,
when it is determined that the other data name is not included in any of the first list and the second list, the controller controls the communication interface to transmit the image data with the other data name to the first external device and the second external device, and
when it is determined that the initial data name is not included in any of the first list and the second list, the controller does not change the initial data name and controls the communication interface to transmit the image data with the initial data name to the first external device and the second external device.

US Pat. No. 10,367,965

IMAGE SCANNING DEVICE AND SHEET FEEDING METHOD APPLIED THEREIN

Foxlink Image Technology ...

1. An image scanning device, comprising:an upper shell;
a feeding shaft pivotally connected to the upper shell;
a roller element including a feeding roller and a sensing roller both fastened to and mounted around the feeding shaft, a diameter of the sensing roller being the same as a diameter of the feeding roller, the sensing roller being located adjacent to one side of the feeding roller and the feeding roller projecting beyond a bottom surface of the upper shell;
a motor connected with the feeding shaft, the motor driving the feeding shaft to rotate in different speeds and bring along the feeding roller and the sensing roller to rotate simultaneously;
a lower shell pivotally covered to the upper shell;
a plurality of springs mounted to the lower shell and being capable of stretching and retracting upward and downward with respect to the feeding shaft; and
a contact image sensor mounted to the plurality of the springs and being capable of moving upward and downward with respect to the feeding shaft, a top surface of the contact image sensor facing to a lower portion of an outer surface of the roller element, and the top surface of the contact image sensor being capable of abutting against the lower portion of the outer surface of the roller element by virtue of the plurality of the springs elastically abutting against a bottom surface of the contact image sensor;wherein the contact image sensor includes a light guide element and a light receiving element, the light guide element emits a light to the outer surface of the roller element, and the light receiving element receives a reflected light from the outer surface of the roller element and records an image read value to determine an interval between the outer surface of the roller element and the top surface of the contact image sensor.

US Pat. No. 10,367,964

OPTICAL SCANNING DEVICE AND IMAGE FORMING APPARATUS INCLUDING THE SAME

KYOCERA DOCUMENT SOLUTION...

1. An optical scanning device including a housing having light emitting ports, a transparent cover closing the light emitting ports, a freely rotatable screw shaft extending along the transparent cover, a cleaning member abutting a surface of the transparent cover, and a holding member having a nut part screwed with the screw shaft and arm parts extending from the nut part to hold the cleaning member, the holding member being configured to reciprocally move along a predetermined movement path by rotation of the screw shaft, whereinfrom an upper surface of the housing, a plate-like rail part, which extends along the screw shaft to guide movement of the holding member, protrudes,
the holding member is provided with a guide part having a guide groove engaged with the rail part, and
the optical scanning device further comprises:
a scraper member fixed to the holding member and scraping off a foreign matter attached to the rail part,
wherein the scraper member includes a pair of scraper pieces provided at both sides of the rail part while interposing the rail part therebetween and having distal end edges abutting a side surface of the rail part.

US Pat. No. 10,367,963

INFORMATION PROCESSING SYSTEM AND INFORMATION PROCESSING METHOD CAPABLE OF SETTING CONFIGURATION OF IMAGE FORMING APPARATUS FROM SERVER WITHOUT CHANGING CONFIGURATION SETTING OF FIREWALL

KYOCERA DOCUMENT SOLUTION...

1. An information processing system, comprising:a management server at a management site;
a personal computer at the management site, the personal computer being connected to the management server via a network; and
an image forming apparatus at a customer site protected by a firewall, the image forming apparatus being connected to the management server via the network over the firewall, wherein the management server includes
a first communication device communicating via the network,
a first memory that stores a first relay program, and
a first processor that executes the first relay program,
when the first processor executes the first relay program, the first processor operating as a first connector, a first compressor, and a first decompressor, the image forming apparatus includes
a second communication device communicating via the network,
a second memory that stores a second relay program, a web server program, and an extension application program, and
a second processor that executes the second relay program, the web server program, and the extension application program,
when the second processor executes the second relay program, the second processor operating as a second connector, a second decompressor, and a second compressor,
when the second processor executes the web server program, the second processor operating as a web server unit,
when the second processor executes the extension application program, the second processor operating as an extension application unit, andthe personal computer includesa third communication device communicating via the network,
a third memory that stores a web browser program, and
a third processor that executes the web browser program,
when the third processor executes the web browser program, the third processor operating as a web browser, and wherein
where no communication path is established between the image forming apparatus and the management server, the second connector of the image forming apparatus at the customer site protected by the firewall connects to the first connector of the management server over the firewall to establish a session,
the web browser of the personal computer sends an HTTP request to the first compressor on the basis of an instruction from a user, a destination of the HTTP request being the web server unit of the image forming apparatus,
the first compressor of the management server compresses the HTTP request received from the web browser to generate first compressed data, and sends the generated first compressed data to the second decompressor of the image forming apparatus through a communication path established between the first connector and the second connector,
the second decompressor of the image forming apparatus decompresses the first compressed data received from the first compressor to reproduce an original HTTP request, and sends the HTTP request to the web server unit,
the web server unit of the image forming apparatus receives the HTTP request sent from the first compressor, converts the HTTP request into a setting request, and sends the setting request to the extension application unit,
the extension application unit of the image forming apparatus receives the setting request from the web server unit, sets a configuration of the image forming apparatus on the basis of the received setting request, and replies a result of the setting to the web server unit,
the web server unit of the image forming apparatus converts the reply of the result of the setting received from the extension application unit into an HTTP reply, and sends the HTTP reply to the second compressor,
the second compressor of the image forming apparatus compresses the HTTP reply received from the web server unit to generate second compressed data, and sends the generated second compressed data to the first decompressor of the management server,
the first decompressor of the management server decompresses the second compressed data received from the second compressor, reproduces an original HTTP reply, and sends the HTTP reply to the web browser, and
the web browser of the personal computer presents the HTTP reply received from the first decompressor to the user.

US Pat. No. 10,367,962

INFORMATION PROCESSING SYSTEM, INFORMATION PROCESSING APPARATUS, AND INFORMATION PROCESSING METHOD

Ricoh Company, Ltd., Tok...

9. An information processing method performed by an information processing system including one or more information processing apparatuses configured to implement various functions of the information processing system, the information processing system being coupled, via a network, to one or more devices in which a web browser is installed, the information processing system including a memory configured to (i) store flow information in association with application identification information identifying an application of a plurality of applications, with respect to each of the applications for executing a sequence of processes using electronic data, the flow information defining program identification information identifying one or more programs for executing processes in the sequence of processes and an execution order of executing the one or more of the programs, and (ii) store screen information in association with the application identification information with respect to each of the applications, the screen information defining a screen in a format that is interpretable by the web browser, the information processing method comprising:sending, to a first device that is a source of a first request, the screen information stored in the memory in association with the application identification information included in the first request, when the first request including the application identification information is received from the first device among the one or more devices;
receiving a second request including information related to the electronic data, the electronic data being generated by the first device upon receiving an instruction specified by a user via the screen, the screen being displayed as the web browser interprets the screen information;
acquiring the flow information stored in the memory in association with the application identification information, when the second request is received; and
executing the one or more of the programs identified by the program identification information defined in the flow information, in the execution order defined in the flow information, to execute the sequence of processes using the electronic data based on the information relating to the electronic data included in the second request.

US Pat. No. 10,367,961

IMAGE FORMING APPARATUS, MEMORY MANAGEMENT METHOD, AND MEMORY MANAGEMENT PROGRAM

Konica Minolta, Inc., Ch...

1. An image forming apparatus comprising:a storage that stores a plurality of control programs of the image forming apparatus;
a cache memory; and
a hardware processor that controls the image forming apparatus,
wherein the hardware processor:
writes, to the cache memory, one or more of the plurality of control programs that are execution candidates selected from among the plurality of control programs;
determines execution priorities of the respective control programs that are the execution candidates based on a current state of the image forming apparatus; and
locks down one of the control programs, so as to prevent the one control program from being written over by another control program, the priority of which is highest among the control programs that are the execution candidates, in the cache memory.

US Pat. No. 10,367,960

IMAGE FORMING APPARATUS, ACTIVATION CONTROL METHOD AND NON-TRANSITORY COMPUTER-READABLE RECORDING MEDIUM ENCODED WITH ACTIVATION CONTROL PROGRAM

Konica Minolta, Inc., To...

1. An image forming apparatus comprising:a main CPU that executes an activation control program;
a RAM that stores an execution program loaded for execution of the activation control program by the main CPU;
an activating CPU that activates the main CPU;
a flash memory that is accessible by the main CPU and the activating CPU; and
an activation factor table that associates one or more of a plurality of hardware resources controlled by the main CPU with each of a plurality of activation factors;
wherein the activation control program, when executed by the main CPU, causes the image forming apparatus to at least:
switch an operation mode from a driving mode in which power is supplied to a stop mode in which power is not supplied;
activate, by the activating CPU, a power supply control portion that, in response to switching of the operation mode to the stop mode shuts off power supply to the main CPU, the RAM and the plurality of hardware resources;
detect, by the activating CPU, any of the plurality of activation factors during a period in which power is not supplied to the main CPU; and
execute, by the activating CPU, a power supply control circuit that, in response to detection of any of the plurality of activation factors, supplies power to the main CPU, the RAM and one or more hardware resources associated with the detected activation factor among the plurality of hardware resources;
wherein the activating CPU, in response to detection of any of the plurality of activation factors, activates the main CPU;
wherein the flash memory, for each of the plurality of activation factors, stores a snapshot, which is data stored in the RAM with power supplied to one or more hardware resources associated with the activation factor by the activation factor table; and
wherein the main CPU, in response to activation by the activating CPU, reads out a snapshot corresponding to the detected activation factor from among a plurality of snapshots stored in the flash memory from the flash memory, and stores the snapshot in the RAM.

US Pat. No. 10,367,959

POST PROCESSING APPARATUS

KONICA MINOLTA, INC., To...

1. A post processing apparatus comprising:a reader that reads paper on which an image is formed by an image forming apparatus, the reader configured to output a read image of the paper;
a post processor configured to perform post processing on the paper; and
a hardware processor that detects a position of an edge of the paper and a position of the image from the read image outputted by the reader, and controls a post processing position in the post processor on the basis of the position of the edge of the paper and the position of the image detected,
wherein the reader, when images are formed on both sides of the paper, reads both sides of the paper to output read images of a front side image and a back side image present on respective sides of the paper, and
the hardware processor controls the post processing position in the post processor on the based on a position of the front side image and a position of the back side image on the paper indicated by the read images outputted by the reader; and
the hardware processor, when a distance between the edge of the paper and the image is outside a predetermined range, performs control such that the post processor does not perform post processing.

US Pat. No. 10,367,958

DISPLAY CONTROL DEVICE, METHOD, AND NON-TRANSITORY COMPUTER READABLE MEDIUM FOR RECOMMENDING THAT A USER USE A SIMPLE SCREEN RATHER THAN A NORMAL SCREEN

FUJI XEROX CO., LTD., Mi...

1. A display control device comprising:a first memory configured to store data of a normal screen and data of a simple screen, the normal screen being a screen that displays functions related to a service process provided to a user, the simple screen being a screen that displays a smaller number of functions than the normal screen; and
at least one processor configured to execute:
an operation-display unit configured to display one of the normal screen and the simple screen to the user and to accept a setting operation performed by the user on a function among the displayed functions; and
a display controller configured to control the operation-display unit to display an indication recommending that the user use the simple screen in response to determining that every function set by the user on the normal screen is settable on the simple screen,
wherein the indication comprises a recommendation that the user use the simple screen, and
wherein the display control device further comprises:
a second memory configured to acquire an operation history containing information about a function set by the user, a set value of the function, and a setting period taken to set the function, and to store the acquired operation history in association with the user,
wherein the display controller is further configured to determine whether or not to display the indication recommending that the user use the simple screen using the operation history.

US Pat. No. 10,367,957

HIGHLY-SCALABLE NATIVE FLEET MANAGEMENT

Xerox Corporation, Norwa...

1. A method of providing native scalable management of a fleet of managed devices, the method comprising:establishing a Trust Community, which includes a sub-set of the managed devices in the fleet, wherein each of the managed devices includes a processor;
organizing the Trust Community;
configuring one of the managed devices in the organized Trust Community as a Root Device to publish files via a file sharing function;
adding the Root Device to a distribution profile stored in a database;
creating or downloading one or more files via the Root Device; and
sharing the one or more files with other devices in the organized Trust Community via the Root Device,
wherein any devices in the Trust Community that are on hold or offline are placed in a temporary working area for reorganizing,
wherein download and install schedules for the one or more files are set up on a per device or a bulk basis according to one or more policies such as installing if new content and/or installing always,
wherein files that are to be shared are placed into a staging area before re-distribution and checked for security, integrity, and/or completeness via checksums, digitally signed certificates, and/or internal structure checks.

US Pat. No. 10,367,956

MAINTENANCE SUPPORT DEVICE, IMAGE FORMING APPARATUS, MAINTENANCE SUPPORT METHOD, AND NON-TRANSITORY RECORDING MEDIUM FOR STORING COMPUTER READABLE PROGRAM

Konica Minolta, Inc., Ch...

1. A maintenance support device for supporting maintenance of an apparatus, the maintenance support device comprising:a hardware processor configured to:
perform communication with the apparatus through a communication cable; and
feed electric power to the apparatus;
obtain from the apparatus, while the apparatus is fed with the electric power, individual identification information for a component in the apparatus that has been replaced, and individual identification information for the component that replaced the component that has been replaced by communication with the apparatus through the communication cable; and
when the maintenance support device is asked by the apparatus about a capability of the maintenance support device to feed electric power to the apparatus, determine whether the maintenance support device has such capability.

US Pat. No. 10,367,955

IMAGE FORMING DEVICE AND DEVICE, SYSTEM, RECORDING MEDIUM WITH PROGRAM CODES FOR MANAGING CONSUMABLES IN IMAGE FORMING DEVICE

KONICA MINOLTA, INC., To...

1. A system comprising image forming devices that are connected to each other via a network, the system further comprising:a storage device configured to store therein registered data about the image forming devices;
a hardware processor configured to:
monitor a consumption ratio of consumables in at least one of the image forming devices;
predict a predicted time for replenishment or replacement of consumables for each image forming device monitored, based on the consumption ratio of consumables thereof;
correct the predicted time in response to at least one of a connecting status corresponding to a number of the plurality of image forming devices connected on the network and an operable status corresponding to a number of the plurality of image forming devices detected to be operable on the network; and
issue a request for replenishment or replacement of consumables at the predicted time; and
a manager device that is connected to the image forming devices via the network,
wherein:
the hardware processor is incorporated into a specific one of the image forming devices,
the manager device includes another hardware processor which is configured to acquire at least one of the number of the imaging devices that are connected on the network and the number of the image forming devices detected to be operable on the network, and to notify the specific image forming device of data about the acquired number, and
in response to the data from the manager device, the hardware processor of the specific image forming device corrects the predicted time based on a comparison between a number that the hardware processor of the manager device previously acquired and another number that the hardware processor of the manager device has newly acquired.

US Pat. No. 10,367,953

IMAGE PROCESSING DEVICE WITH DESTINATION SELECTION INTERFACE

KABUSHIKI KAISHA TOSHIBA,...

1. An image processing device comprising:a display device configured to display a FAX destination registration screen having: a destination registration region in which a plurality of registered FAX destinations are displayed in a list, and a destination input region in which a plurality of selectable FAX destinations are displayed;
an input device configured to:
receive a destination registration input with respect to the destination input region, the destination registration input indicating a selected FAX destination from the plurality of selectable FAX destinations,
receive a registered destination selection input with respect to the destination registration region, the registered destination selection input corresponding to a registered FAX destination from the plurality of registered FAX destinations, and
receive a transmission input; and
a processor configured to:
in response to receiving the destination registration input indicating the selected FAX destination, control the display device to update the destination registration region so that the selected FAX destination is added to the registered FAX destinations displayed in the list,
in response to receiving the registered destination selection input, control the display device to display a pop-up screen including: destination information regarding the registered FAX destination corresponding to the registered destination selection input, and a selectable clear button, and
in response to an input corresponding to the clear button, control the display device to update the destination registration region so that the registered FAX destination corresponding to the registered destination selection input is removed from the registered FAX destinations displayed in the list, and
in response to the transmission input, transmit an image to each registered FAX destination displayed in the list.

US Pat. No. 10,367,952

IMAGE PROCESSING APPARATUS, IMAGE PROCESSING SYSTEM, AND COMPUTER READABLE MEDIUM THEREFOR

BROTHER KOGYO KABUSHIKI K...

1. An image processing system comprising:an information processing terminal device; and
an image processing apparatus,
wherein the information processing terminal device comprises:
a first terminal-side wireless communication interface configured to receive information from the image processing apparatus;
a second terminal-side wireless communication interface different from the first terminal-side wireless communication interface; and
a terminal-side controller; and
wherein the image processing apparatus comprises:
a storage configured to store the information;
a first wireless communication interface configured to establish a first wireless connection with the first terminal-side wireless communication interface and transmit the information to the first terminal-side wireless communication interface;
a second wireless communication interface different from the first wireless communication interface; and
a controller,
wherein the information includes selection function information and communication setting information, the selection function information indicating a specific function of the image processing apparatus allowing the information processing terminal device to launch a function application corresponding to the specific function, the communication setting information indicating a setting for establishing a second wireless connection between the second terminal-side wireless communication interface and the second wireless communication interface,
wherein the first terminal-side wireless communication interface receives, from the first wireless communication interface, the information stored in the storage at a time when establishment of the first wireless connection between the first wireless communication interface and the first terminal-side wireless communication interface is started, and
wherein the terminal-side controller is configured to:
establish the second wireless connection with the image processing apparatus via the second terminal-side wireless communication interface after the first terminal-side wireless communication interface receives the information;
launch the function application corresponding to the selection function information in response to the information processing terminal device being brought close to the image processing apparatus and thereby the first terminal-side wireless communication interface receiving the selection function information; and
transmit execution instruction to the image processing apparatus by using the second wireless connection, while the function application is launched,
wherein the first wireless communication interface transmits, to the first terminal-side wireless communication interface, the information stored in the storage at a time when establishment of the first wireless connection between the first wireless communication interface and the first terminal-side wireless communication interface is started,
wherein the controller of the image processing apparatus is configured to:
establish the second wireless connection with the information processing terminal device via the second wireless communication interface after the first wireless communication interface transmits the information;
receive the execution instruction from the information processing terminal device, on which the function application is launched, by using the second wireless connection; and
execute the specific function based on the execution instruction,
wherein, when the execution instruction includes an instruction to execute a print process, the controller of the image processing device is configured to execute the print process based on the execution instruction.

US Pat. No. 10,367,951

WIRELESS RINGER

CenturyLink Intellectual ...

1. A wireless ringer comprising:a communications transceiver providing for direct wireless communication between the wireless ringer and a physically separate wireless device;
a memory;
a touch screen user interface providing for a user to input multiple ringer settings to the memory, wherein a first ringer setting of the multiple ringer settings is linked by the user to an identity of a known calling party, the touch screen user interface further providing for a display of text;
a speaker;
a vibrator;
a processor in communication with the communications transceiver, the memory, the touch screen user interface, the speaker and the vibrator, said processor causing one or more of the touch screen user interface, the speaker and the vibrator to emit a first alert according to the first ringer setting and in response to receipt, through the communications transceiver, of a wireless signal from the wireless device indicating that the wireless device has received an incoming communication of a first type from the known calling party, and said processor further causing one or more of the speaker, the touch screen user interface and the vibrator to emit a second alert according to a second ringer setting, which second alert is different from the first alert, in response to receipt of a second wireless signal from the wireless device indicating that the wireless device has received an incoming communication of a second type from a party other than the known calling party,
wherein the processor is further configured to determine the first alert based on the first ringer setting for communications of the first type from the known calling party, and the second alert based on the second ringer setting for communications of the second type from the party other than the known calling party;
wherein the processor is further configured to one of interrupt, mix, or overlay playback of media content on at least one of the touch screen user interface or the speaker with the first alert based on the first ringer setting, wherein the first ringer setting indicates whether to interrupt, mix, or overlay the playback of media content with the first alert, based at least in part on caller identification information; and
a strap providing for attachment of the wireless ringer to the user's wrist.

US Pat. No. 10,367,950

DEVICE NOTIFICATION ADJUSTMENT DEPENDENT ON USER PROXIMITY

Lenovo (Singapore) Pte. L...

1. A method, comprising:detecting a received communication at a device;
detecting, using at least one device sensor, a device environmental context, wherein the device environmental context is detected using at least one of: device orientation, ambient light level, user biometric data, and connectivity status;
the detected device environmental context being associated in time with the received communication;
identifying a proximity of a user to the device by mapping the device environmental context to one of a plurality of user-proximity device contexts, each identifying a proximity of the user to the device; and
adjusting, based upon the user not being proximate to the device, the magnitude of the notification of the received communication from a notification sound value set before receipt of the communication to an increased adjusted value.

US Pat. No. 10,367,947

TECHNIQUES FOR MIGRATING LEGACY 911 SYSTEMS TO NG-911 SYSTEMS

BANDWITH.COM, INC., Rale...

1. An emergency call routing system, comprising:a Voice-over Internet Protocol position center (VPC) server configured to:
receive a session initiation protocol (SIP) INVITE for an emergency call intended for a destination public safety answering point (PSAP) from a telecommunication service provider (TSP) SIP call server; and
respond to the source of the SIP INVITE message with a SIP Redirect response, the SIP Redirect response including routing data compatible with and capable of enabling the TSP SIP call server to route the emergency call to the destination PSAP such that the VPC is not in the bearer path of the emergency call;
a location information server (LIS) configured to:
receive and store telephone number provisioning information from a TSP, the information including registered address data for the telephone number; and
receive and store PSAP capability data, the PSAP capability data indicative of the PSAP operating under the i2 transitional standard for VoIP 911 or operating under the fully implemented i3 standard for VoIP 911; and
for PSAPs operating under the i2 transitional standard for VoIP 911, receive and respond to address requests for the telephone number that initiated the emergency call; or
for PSAPs operating under the fully implemented i3 standard for VoIP 911, provide a presence information data format location object (PIDF-Lo) within the SIP Redirect response, the PIDF-Lo to be included in an updated SIP INVITE.

US Pat. No. 10,367,946

MITIGATING ATTACKS ON EMERGENCY TELEPHONE SERVICES

T-Mobile USA, Inc., Bell...

1. A computer-readable medium storing instructions that, when executed by a processor, perform a method to detect and mitigate an attack on emergency communication services, the method comprising:receiving an incoming call from an ingress node in an Internet Protocol Multimedia Subsystem (IMS) network, wherein the incoming call is destined for a Public Safety Answering Point (PSAP); and,
routing the received incoming call to both (a) an IMS network component and (b) a decision server in the IMS network;
wherein the decision server in the IMS network considers one or more parameters associated with the incoming call received at the ingress node,
wherein the decision server is configured to detect at least one attacks on emergency telephone services, and
wherein the decision server determines an action to be taken with respect to the incoming call, wherein the determination is made based at least on the one or more parameters.

US Pat. No. 10,367,944

APPARATUS, SYSTEM, AND METHOD OF CONFERENCE ASSISTANCE

Ricoh Company, Ltd., Tok...

1. An information processing apparatus comprising:a network interface configured to communicate with a conference assistance server through a network;
one or more input devices configured to receive input of voice or writing of at least one meeting participant during a meeting; and
processing circuitry configured to,
receive an instruction indicating whether to transmit data related to the input of the voice or the writing to the conference assistance server,
transmit the data, via the network interface, to the conference assistance server, in response to the instruction indicating to transmit the data,
receive, via the network interface, assistance information associated with the data from the conference assistance server, the assistance information including information relevant to the meeting, and
control a display device to display the assistance information together with the data related to the input of the voice or the writing such that the assistance information displayed on the display device assists the at least one meeting participant.

US Pat. No. 10,367,943

ELECTRONIC SYSTEM WITH GROUP LOCATION MECHANISM AND METHOD OF OPERATION THEREOF

Telenav, Inc., Santa Cla...

1. An electronic system comprising:a communication unit configured to provide a conference bridge;
a storage unit, coupled to the communication unit, configured to store a sharing code for the conference bridge;
a control unit, coupled to the storage unit, configured to:
determine a security setting for the conference bridge;
display a location sharing session executed through the conference bridge including multiple devices, a destination address, and multiple travel routes,
change the sharing code based on the security setting when an unintended user joins the location sharing session including increasing a number of digits of the sharing code and notify the expected participants of the change to the sharing code; and
disconnect a connection of the unintended user from the conference bridge, by disconnecting a device of the unintended user from the location sharing session, based on the security setting including social network or social media settings.

US Pat. No. 10,367,942

SYSTEM AND METHOD FOR ANALYTICS WITH AUTOMATED WHISPER MODE

1. A method, comprising:facilitating, by a processing system including a processor, a customer service session via a communication network, wherein customer equipment participates in a first interactive communication exchange with a first customer service agent via a network connection using a first interaction mode;
monitoring, by the processing system, the first interactive communication exchange;
associating, by the processing system based on the monitoring, a second customer service agent with the customer service session, wherein the second customer service agent provides a consultation service to the first customer service agent in a second interactive communication exchange using a second interaction mode different from the first interaction mode, without exposing the consultation service to the customer equipment, wherein the first custom er service agent provides, in accordance with the monitoring, an assessment of a customer mood to the second customer service agent; and
determining, by the processing system based on the assessment, whether to associate an additional customer service resource with the customer service session.

US Pat. No. 10,367,941

APPARATUS, METHOD, AND COMPUTER PROGRAM FOR OPTIMIZING COMMUNICATION

West Corporation, Omaha,...

1. An apparatus, comprising:at least one processor; and
memory comprising computer program instructions, wherein
the computer program instructions, with the at least one processor, are configured to cause the apparatus to:
transmit a request message to an application services module to connect with an agent when a selection is made on a mobile application,
receive a contact number of a proxy server from the application service module, and
connect with the proxy server using the contact number provided by the application service module, wherein the connection causes the proxy server to access a system database to search for caller identification to retrieve a phone number of the agent and connect a user of the mobile application to the agent, wherein
the proxy server discards one or more records related to the connection of the user of the mobile application with the agent, that prevents the user of the mobile application from a reconnection with the agent.

US Pat. No. 10,367,940

ANALYZING CONVERSATIONS TO AUTOMATICALLY IDENTIFY PRODUCT FEATURE REQUESTS

AffectLayer, Inc., Tel A...

1. A computer-implemented method, comprising:retrieving multiple recordings of conversations associated with multiple representatives, wherein each of the conversations is between at least one of the representatives and at least one of multiple customers;
extracting multiple features from each of the recordings, wherein the multiple features indicate characteristics of any of (a) a customer of multiple customers in the corresponding conversation, (b) a representative of multiple representatives in the corresponding conversation, (c) the corresponding conversation;
analyzing features associated with a first conversation of the multiple conversations to determine a set of features that is indicative of a feature request for a product, wherein the feature request is a request made by a first customer of the multiple customers associated with the first conversation for adding one or more functionalities to the product; and
generating, based on the set of features, information regarding the feature request.

US Pat. No. 10,367,938

MOBILE-DEVICE-BASED CARRIER VOICEMAIL REDUCTION

1. A device capable of providing telephonic capability comprising:one of hardware and a combination of software and hardware configured to:
receive an incoming telephone call;
notify a user of the device of the incoming call; and
provide the user of the device with a plurality of options for managing the incoming call, the plurality of options for managing the incoming call comprising:
an option to divert the incoming call to a centralized voicemail system operated by a mobile carrier;
an option to answer the incoming call and immediately allow the user of the device to participate in a telephone call with a maker of the incoming call; and
an option to cause the device to answer the incoming call and to manage the answered incoming call without immediately connecting the user of the device to participate in a telephone call with the maker of the incoming call;
wherein the plurality of options for managing the incoming call comprise:
an option to divert the incoming call to the centralized voicemail system operated by the mobile carrier without sending a text message to the maker of the incoming call;
an option to divert the incoming call to the centralized voicemail system operated by the mobile carrier and to compose a text message to the maker of the incoming call;
an option to answer the incoming call at the device, play a greeting to the maker of the incoming call asking the maker of the incoming call to leave a message, and locally record a voicemail at the device without utilizing the centralized voicemail system operated by the mobile carrier and without further participation of the user of the device;
an option to answer the incoming call at the device, play a greeting to the maker of the incoming call asking the maker of the incoming call to leave a message, locally record a voicemail at the device without utilizing the centralized voicemail system operated by the mobile carrier, and screen the voicemail in real time as it is left by the maker of the incoming call;
an option to answer the incoming call at the device and play a greeting to the maker of the incoming call asking the maker to please hold; and
an option to answer the incoming call at the device and immediately disconnect the incoming call.

US Pat. No. 10,367,937

PROVIDING DATA MESSAGING SUPPORT BY INTERCEPTING AND REDIRECTING RECEIVED SHORT MESSAGE SERVICE (SMS) MESSAGES

West Corporation, Omah, ...

1. A method, comprising:identifying, at a message processing server, at least one of a sender of a message intended for a particular recipient;
wherein the identifying the context of the message comprises:
identifying at least one word from the message as being part of an exclusion list of terms that are not permitted to be forwarded to a recipient's personal computing device;
generating an automated response with first instructions to not attempt contacting the recipient;
transmitting the automated response to the sender; and
transmitting additional automated responses that provide additional instructions to not attempt contacting the recipient.

US Pat. No. 10,367,936

AUTOMATIC DISTRIBUTION OF INMATE PHONE RECORDINGS

DSI-ITI, INC., Reston, V...

1. A non-transitory computer-readable medium storing instructions that, when executed by a processor, cause the processor to perform operations for automatically distributing a recording of a call to an interested party, the call being placed by a calling party through an institutional system to a destination number, the operations comprising:associating forwarding criteria with the interested party;
establishing the call from the calling party to the destination number through the institutional system;
recording the call;
determining that the call satisfies the forwarding criteria associated with the interested party;
after the call is completed, setting a data flag; and
in response to the data flag setting, automatically distributing the recording of the call to the interested party, wherein the interested party has been approved by a facility administration associated with the institutional system.

US Pat. No. 10,367,935

UTILIZING SIP MESSAGES TO DETERMINE THE STATUS OF A REMOTE TERMINAL IN VOIP COMMUNICATION SYSTEMS

1. A method for detecting fraudulent activity in a communication system serving a correctional facility, comprising:receiving a packet stream associated with a voice call utilizing voice over internet protocol (VoIP) between an inmate call party and an outside call party, the packet stream including a session initiation protocol (SIP) message stream;
determining a call phase of the voice call based on the packet stream, wherein the call phase is one of a call setup phase and a call established phase, the call established phase occurring after a successful end of the call setup phase and in response to an ACK signal received from the inmate call party;
flagging as suspicious a first SIP message associated with a message type from within the SIP message stream by:
determining, during the determined call setup phase, that the message type is one of a 181 Response or a 3xx Response, wherein 3xx in the 3xx Response represents an integer between 300 and 399; or
determining, during the determined call established phase, that the message type is one of an INVITE or a REFER; and
in response to the flagging, confirming that a disallowed third party has joined the voice call based at least in part on a first content of the first SIP message or a second content of a second SIP message, the second SIP message appearing after the first SIP message within the SIP message stream.

US Pat. No. 10,367,934

MOTOR VEHICLE SAFE DRIVING AND OPERATING DEVICES, MECHANISMS, SYSTEMS, AND METHODS

1. A motor vehicle safe driving device, comprising:a housing including a compartment;
memory in the housing, the memory storing data in to the motor vehicle safe driving device;
at least one software application program for at least one mobile electronic device that allows interaction between the at least one mobile electronic device and the motor vehicle safe driving device;
a communication system providing interactive communication for the motor vehicle safe driving device,
wherein the communication system provides interactive communication between various features of the motor vehicle safe driving device, a motor vehicle's components and mechanisms, and the at least one mobile electronic device in the motor vehicle;
a transmission control system, the transmission control system interacts with a transmission system and mechanisms of the motor vehicle,
wherein the transmission control system communicates with the motor vehicle safe driving device to determine whether to allow or prohibit the engagement of a forward, drive, and reverse transmission mechanisms based on a location of the at least one mobile electronic device in the motor;
at least one sensor from multiple sensors within the motor vehicle;
a first or more sensors from the at least one sensor from multiple sensors attached to the motor vehicle safe driving device,
wherein a first or more sensors from the at least one sensor from multiple sensors detect, identify, locate, and monitor the at least one mobile electronic device in the motor vehicle and communicates the information of the at least one mobile electronic device to the motor vehicle safe driving device;
wherein the motor vehicle safe driving device analyzes the received information and determines the location of the at least one mobile electronic device and its accessibility to the operator or driver of the motor vehicle and communicates with the transmission control system;
wherein if the motor vehicle's forward, drive, or reverse transmission mechanism is engaged, and the first or more sensors from the at least one sensor from multiple sensors attached to the motor vehicle safe driving device detects, identifies, and locates the at least one mobile electronic device in an unsecure location, the motor vehicle safe driving device disables a display screen of the at least one mobile electronic device in an unsecure location;
a second or more sensors from the at least one sensor from multiple sensors wherein the second or more sensors from the at least one sensor from multiple sensors is in at least one compartment having the ability to open and close, providing the capacity to hold and secure the at least one mobile electronic device,
wherein the second or more sensors from the at least one sensor from multiple sensors detects, identifies, locates, and monitors the location of the at least one mobile electronic device while communicating with the motor vehicle safe driving device,
and when the at least one mobile electronic device is removed from the at least one compartment while the forward, drive, or reverse transmission mechanism of the motor vehicle is engaged, the second or more sensors from the at least one sensor from multiple sensors communicates the location of the at least one mobile electronic device that has been removed from the at least one compartment to the motor vehicle safe driving device, the motor vehicle safe driving device communicates and interacts with the at least one mobile electronic device that has been removed from the at least one compartment and disables the display screen of the at least one mobile electronic device, until the at least one mobile electronic device is either powered off or returned to and secured in the at least one compartment; and
wherein the second or more sensors from the at least one sensor from multiple sensors detects when the at least one mobile electronic device is removed from the at least one compartment while the transmission mechanism of the motor vehicle is in park, the second or more sensors from the at least one sensor from multiple sensors communicates the removal of the at least one mobile electronic device from the at least one compartment of the motor vehicle safe driving device, the motor vehicle safe driving device communicates and interacts with the transmission control system, the transmission control system communicates and interacts with the transmission system and mechanisms of the motor vehicle prohibiting the engagement of the forward, drive, and reverse transmission mechanisms of the motor vehicle until the at least one mobile electronic device is either powered off or secured in the at least one compartment.

US Pat. No. 10,367,933

CONTEXT AND ENVIRONMENT AWARE VOLUME CONTROL IN TELEPHONIC CONVERSATION

INTERNATIONAL BUSINESS MA...

1. A computer program product for automatically adjusting telephonic conversation volume, the computer program product comprising a computer readable storage medium having program instructions embodied therewith, the program instructions executable by a computing device to cause the computing device to:detect a telephone is being used for a telephone conversation;
obtain microphone data from at least one microphone in communication with or incorporated in the telephone;
detect, using the microphone data, sensitive or confidential subject matter in the conversation using natural language processing of the microphone data;
receive, via a user interface of the computing device, a user selection to configure an alert notifying the user when it is determined to reduce the volume of a speaker of the telephone;
automatically reduce the volume of the speaker of the telephone based on the detecting the sensitive or confidential subject matter;
permit the user to selectively configure a speed at which the telephone automatically adjusts the volume;
determine, using the microphone data, a conversation loudness exceeds ambient loudness by a predefined amount; and
automatically adjust the volume of the speaker of the telephone based on the determining the conversation loudness exceeds the ambient loudness by the predefined amount.

US Pat. No. 10,367,932

CALIBRATION OF MEASUREMENT BIAS OF A BAROMETRIC SENSOR IN A WIRELESS TERMINAL

Polaris Wireless, Inc., ...

1. A method of estimating the elevation of a first wireless terminal, the method comprising:receiving, by a data processing system, an identity of a first base station as reported by the first wireless terminal;
receiving, by the data processing system, a first measurement of barometric pressure made by the first wireless terminal;
receiving, by the data processing system, a measurement of barometric pressure made by a pressure reference;
generating a first estimate of bias of barometric pressure measured by the first wireless terminal, in part by comparing:
i) the first measurement of barometric pressure made by the first wireless terminal, to
ii) a true barometric pressure of a first building floor, wherein the first building floor is the building floor of the first base station whose identity is reported by the first wireless terminal, and wherein the true barometric pressure of the first building floor is derived from a) the measurement of barometric pressure made by the pressure reference and b) the height of the first building floor;
receiving, by the data processing system, a second measurement of barometric pressure made by the first wireless terminal;
obtaining an estimate of a lateral location of the first wireless terminal; and
generating an estimate of the elevation of the first wireless terminal based on:
(i) the estimate of the lateral location of the first wireless terminal,
(ii) the second measurement of barometric pressure made by the first wireless terminal, and
(iii) the first estimate of bias.

US Pat. No. 10,367,931

APPARATUS, METHOD, AND SYSTEM OF COGNITIVE COMMUNICATION ASSISTANT FOR ENHANCING ABILITY AND EFFICIENCY OF USERS COMMUNICATING COMPREHENSION

FUVI COGNITIVE NETWORK CO...

1. A communication apparatus with cognitive and visual assistance, comprising:at least one communication interface configured to connect a user to at least one network to execute communication with at least one other user of at least one other communication apparatus;
at least one communication data capturer configured to capture communication data comprising visual and audio information obtained from the communication and further configured to capture synchronized cognitive and emotional data generated from the user during the communication with the at least one other user via the at least one other communication apparatus;
a memory configured to store the communication data and the synchronized cognitive and emotional data;
at least one communication data converter configured to convert the communication data and the synchronized cognitive and emotional data into a visual form comprising at least one of synchronized text, symbols, sketches, images, and animation; and
at least one display configured to display the visual form of the communication data and the synchronized cognitive and emotional data converted by the communication data converter.

US Pat. No. 10,367,930

SPEAKERPHONE CONFIGURATION FOR CONFERENCING

GOOGLE LLC, Mountain Vie...

1. An electronic device comprising:a housing that includes:
a top face; and
a bottom face opposite the top face, the bottom face including a cavity, the cavity comprising a well that has:
a first wall having a first port opening, and
a second wall adjacent to the first wall, the second wall having a second port opening; and
wherein the first port opening is inaccessible when a first cable is connected to the second port opening, and the second port opening is inaccessible when a second cable is connected to the first port opening.

US Pat. No. 10,367,929

SYSTEM AND METHOD FOR CONNECTING A USER TO BUSINESS SERVICES

Xtone, Inc., McLean, VA ...

1. An apparatus configured to interact with a user, comprising:an audio input device configured to receive spoken audio input from a user; and
one or more processors that are configured to perform a method comprising the steps of:
interpreting a spoken request from a user to communicate with a business that is received via the audio input device;
determining whether at least one voice application relevant to the goods and/or services provided by the business is available;
performing at least one voice application that is relevant to the goods and/or services provided by the business for the user when a voice application relevant to the goods and/or services provided by the business is available, wherein the voice application is performed, at least in part, on the apparatus; and
establishing a communications channel between the user and the business when no voice application relevant to the goods and/or services of the business is available.

US Pat. No. 10,367,928

METHOD OF IDENTIFYING CONTACTS FOR INITIATING A COMMUNICATION USING SPEECH RECOGNITION

2236008 Ontario Inc., Wa...

1. A method of initiating a communication using speech recognition on a mobile wireless communication device, comprising:receiving through a microphone a voice input for initiating a communication;
extracting from the voice input using speech recognition a name and a communication type to be initiated from a plurality of potential communication types;
searching a local address book stored in a memory of the mobile wireless communication device to determine whether any contact records in the local address book match the extracted information, wherein the local address book is searched to identify all records having both a contact name that matches the name extracted from the voice input and a type of communication that matches the communication type extracted from the voice input, the type of communication having a populated address field; and
automatically initiating a communication to a contact address from the populated address field of the contact record using an application associated with the communication type in response to a determination that only one contact record in the local address book matches the extracted information.

US Pat. No. 10,367,925

METHOD OF COMMUNICATIONS IN A NETWORK INTERCONNECTING AT LEAST TWO POWER GENERATORS, AND CORRESPONDING INTERFACING DEVICE

SDMO Industries S.A.S., ...

1. A method of communications in a network interconnecting at least two power generators, each power generator being connected to said network by at least one interfacing device, wherein the method comprises:sending and receiving communications frames between the at least two power generators, by the at least one interface device, each of the communications frames comprising at least one piece of supervision data and at least one piece of information data, wherein sending and receiving comprises:
sending the same pieces of information data at least twice, in two operations of sending at least two communications frames that comprise identical pieces of information data, the at least two communications frames separated in time by a predetermined time interval, the predetermined interval being greater than or equal to a maximum time of recovery of said network; and
implementing a systematic elimination of one of the at least two communications frames received when two of the at least two communications frames comprising identical pieces of information data have been received.

US Pat. No. 10,367,924

POSITION-BASED COMMUNICATION ROUTING

Interwise Ltd., Airport ...

1. A method comprising:receiving, at a network control system, a message including content and a header, wherein a destination internet protocol (IP) address of the header identifies a propagation mode for sending the content via a network;
based on at least the propagation mode, obtaining location data regarding a plurality of devices connected to the network, the location data indicating the content is to be sent to a closest device of the plurality of devices;
based on at least the location data, identifying an intended recipient from the plurality of devices, wherein the intended recipient comprises the closest device; and
transmitting the content to the intended recipient.

US Pat. No. 10,367,923

METHOD FOR PROCESSING A DATA PACKET

Robert Bosch GmbH, Stutt...

1. Method for processing at least one data packet comprising a first header, a second header, which has a higher complexity than the first header, and a payload, comprising:transmitting the first header of the data packet in a first transmission mode having a reduced energy requirement necessary for ascertaining a receiver address,
transmitting the second header and the payload of the data packet in a second transmission mode,
processing the first header by a first analog mode, and
processing the second header and the payload by a second, digital mode,
wherein a number of processing steps for performing the second digital mode is greater than a number of processing steps for performing the first analog mode, wherein the two modes are executed separately from one another.

US Pat. No. 10,367,922

METHOD AND APPARATUS FOR SENDING TRANSMISSION CONTROL PROTOCOL TCP DATA PACKET AND SYSTEM

Huawei Technologies Co., ...

1. A method for sending a Transmission Control Protocol (TCP) data packet, wherein the method comprises:obtaining a first round-trip time of sending a TCP data packet in a network;
determining a second round-trip time, wherein the second round-trip time is a round-trip time that exists when a congestion window that is determined according to a first algorithm and a congestion window that is determined according to a second algorithm have an equal size, wherein in the first algorithm an increase step size of the congestion window is determined according to the first round-trip time, in the second algorithm an increase step size of the congestion window is determined according to the first round-trip time and a target throughput, and the target throughput is a throughput expected to be obtained for a service corresponding to the TCP data packet;
using the congestion window determined according to the first algorithm as a first congestion window when the first round-trip time is longer than the second round-trip time;
using the congestion window determined according to the second algorithm as the first congestion window when the first round-trip time is shorter than or equal to the second round-trip time; and
sending the TCP data packet by using the first congestion window.

US Pat. No. 10,367,921

TRANSMISSION APPARATUS, TRANSMISSION METHOD, RECEPTION APPARATUS, AND RECEPTION METHOD

SONY CORPORATION, Tokyo ...

1. A transmission apparatus comprising:circuitry configured to
create a transmission packet, the transmission packet including
a header, the header including type information and length information, the type information indicating whether an Internet Protocol (IP) header and a User Datagram Protocol (UDP) header are compressed, the length information indicating a length of the transmission packet to transmit an IP packet including a UDP packet, and
a generic payload, the generic payload including a destination index and a payload in the UDP packet, the destination index being corresponding to a destination IP address of the IP packet and a destination port number of the UDP packet based on an index table stored in the transmission apparatus; and
transmit the transmission packet.

US Pat. No. 10,367,920

MECHANISM FOR DETERMINING WHETHER TO REDIRECT A REQUEST ORIGINALLY DESTINED FOR A SERVER BASED ON A UNIFORM RESOURCE LOCATOR

Oracle International Corp...

1. A processor-readable storage device including a memory, and instructions executable by one or more digital processors a client device, the processor-readable storage device including one or more instructions for a method comprising:monitoring, performed by the one or more processors of the client device, one or more request messages from a web application component, wherein the one or more request messages are destined for a server in communication with the client device;
accessing, performed by the one or more processors, an indicator in a first request message of the one or more request messages, wherein the indicator is encoded in a uniform resource locator (URL) of the first request message to determine if a first request is for a native behavior that provides client-side platform specifications implemented by the client device that has client-side resources;
determining, performed by the one or more processors, from the indicator in the first request message that the first request message is for Hanna first action that can be performed by a client-side resource of the client device, wherein the determining further comprises determining that the first request message represents the first request to access the native behavior;
in response to the determining, implementing, performed by the one or more processors, the first action by using the client-side resource of the client device without transmitting the first request from the client device to the server that the first request was originally destined for;
intercepting, performed by one or more processors of the client device, a second request message with a second request specifying a second action;
determining, performed by one or more processors, that the second action cannot be performed by any of the client-side resources of the client device;
transmitting the second request specifying the second action from a client request interceptor of the client device to the server, wherein the transmitting of the second request further comprises transmitting the second request specifying the second action to the server instead of encoding the URL and instead of implementing the second action with one of the client-side resources of the client device;
in response to the server performing the second action, receiving, performed by one or more processors, a response from the server, wherein the receiving further comprises receiving the response at the client request interceptor; and
forwarding the response from the client request interceptor to a native application component of the client device.

US Pat. No. 10,367,919

METHODS AND SYSTEMS FOR EFFICIENT DISTRIBUTION OF VIRTUAL REALITY MEDIA CONTENT

Verizon Patent and Licens...

1. A method comprising:displaying, by a media player device on a display screen, a field of view of an immersive virtual reality world;
receiving, by the media player device over a network from a server remote from the media player device, data representative of a plurality of uniform resource locators (“URLs”) that each correspond to a different content file included in a plurality of content files managed by the server, wherein
each content file in the plurality of content files comprises data representative of a plurality of partially overlapping content sectors that together form a 360-degree image of the immersive virtual reality world, the plurality of partially overlapping content sectors included within each content file including a first content sector and a second content sector,
the plurality of content files managed by the server includes respective content files associated with each particular content sector, the particular content sector with which a respective content file is associated being encoded in a high resolution within the respective content file while a remainder of the immersive virtual reality world not included in the particular content sector is encoded in a low resolution lower than the high resolution, and
the content sectors in the plurality of partially overlapping content sectors are dynamic content sectors that move along with an event occurring within the immersive virtual reality world such that the first content sector persistently depicts a dynamic portion of the immersive virtual reality world to which it is anticipated that a user of the media player device is likely to direct the field of view as the dynamic portion moves within the immersive virtual reality world;
receiving, by the media player device over the network from the server and while the field of view is displayed on the display screen of the media player device, a stream of a first content file that is included in the plurality of content files and is associated with the first content sector such that the first content sector is encoded in the high resolution and the second content sector is encoded in the low resolution;
rendering, by the media player device within the field of view while the stream of the first content file is being received by the media player device and based on the data included in the first content file, content included in the first content sector in the high resolution;
detecting, by the media player device, user input provided by the user of the media player device and representative of a request to shift additional content included in the second content sector but not included in the first content sector into the field of view in place of the content included in the first content sector; and
in response to the user input
transmitting, by the media player device, a command to the server to switch from streaming the first content file to streaming a second content file that is included in the plurality of content files and is associated with the second content sector such that the second content sector is encoded in the high resolution and the first content sector is encoded in the low resolution, the transmitting comprising selecting, from the plurality of URLs, a particular URL corresponding to the second content file,
rendering, by the media player device within the field view before the media player device begins receiving a stream of the second content file from the server over the network and based on the data included in the first content file, the additional content included in the second content sector in the low resolution,
receiving, by the media player device subsequent to transmitting the command to the server, the stream of the second content file from the server over the network in place of receiving the stream of the first content file from the server over the network, and
switching, by the media player device in response to the receiving of the stream of the second content file, from rendering the additional content included in the second content sector in the low resolution based on the first content file to rendering the additional content included in the second content sector in the high resolution based on the second content file.

US Pat. No. 10,367,918

SYSTEM TO DYNAMICALLY ADJUST REQUEST VALUES AT A BACK-END APPLICATION SERVER

HARTFORD FIRE INSURANCE C...

1. A system to improve an accuracy of information generated by a back-end application computer server, comprising:(a) a communication port to facilitate receipt of a plurality of data streams of electronic messages, each data stream being received from one of a plurality of remote third-party administrator computer servers via a distributed communication network;
(b) a data stream computer store to store information received in the data streams of electronic messages;
(c) a rules computer store to store different sets of pre-determined rules for different third-party administrator computer servers;
(d) the back-end application computer server, coupled to the communication port, the data stream computer store, and the rules computer store, programmed to:
(i) receive from the data stream computer store information associated with a set of requests from a first third-party administrator computer server, each request being associated with a request value,
(ii) retrieve from the rules computer store a first set of pre-determined rules for the first third-party administrator computer server,
(iii) automatically apply the first set of pre-determined rules to the set of requests from the first third-party administrator computer server, said application resulting in at least one adjusted request value for the set of requests and an overall value based at least in part on the request values and the adjusted request value associated with the set of requests,
(iv) automatically transmit a settlement instruction, including the overall value, to an electronic transaction system, and
(v) as a result of application of the first set of pre-determined rules, automatically transmit a flag to an electronic messaging communication server;
(e) the electronic transaction system to receive the settlement instruction and to execute a settlement transaction in accordance with the overall value; and
(f) the electronic messaging communication server to receive said flag, and as a result of receiving said flag, trigger an electronic notification from the electronic messaging communication server to the remote computer device associated with the first third-party administrator computer server.

US Pat. No. 10,367,917

METHOD AND APPARATUS FOR DYNAMICALLY LOCATING RESOURCES

Apple Inc., Cupertino, C...

1. A method comprising:identifying, by a processor of a client device, a remote location from a plurality of locations from which to obtain a resource, the identifying based on preference criteria and dynamically changing conditions, and wherein the preference criteria include configuration information including an address of the remote location for the resource stored on the client device;
transparently obtaining a later version of the resource from the identified location, wherein an earlier version of the resource, which was previously installed, is available for use at the client device even when the client device is disconnected from a network;
updating the configuration information based upon the obtained later version; and
updating the earlier version of the resource with the later version of the resource for use by a user of the client device, wherein the updating of the earlier version includes installing the later version of the resource on the client device.

US Pat. No. 10,367,914

ATTACHING SERVICE LEVEL AGREEMENTS TO APPLICATION CONTAINERS AND ENABLING SERVICE ASSURANCE

CISCO TECHNOLOGY, INC., ...

1. A computer implemented method comprising: providing a template for orchestration of a cloud provided service in a datacenter, the template including selectable:virtual processing services, virtual networking services, storage services, and service level requirements for the cloud provided service, the datacenter including a plurality of segmented sections of the datacenter;
determining a provisioning queue placement for the cloud provided service based on at least the service level requirements; and
automatically provisioning the cloud provided service in at least one of the plurality of segmented sections based on the template, the provisioning including insertion of a request in a queue based on the provisioning queue placement, wherein if the insertion of the request causes displacement of another request, then the another request is shifted backwards in the queue to a next placement following the request, and
wherein the selectable service level requirements at least one of: include a time to provision the cloud provided service, and the provisioning queue placement is based on available computing resources to provision the cloud provided service, an existing queue of tasks requiring computing resources, and a priority level associated with the tasks in the existing queue or
include an uptime requirement and a tolerance for unavailability of the cloud provided service, andthe provisioning of the cloud provided service includes two or more data centers and is based on the uptime requirement and the tolerance for unavailability.

US Pat. No. 10,367,912

SYSTEM AND METHOD FOR AUTOMATING THE MANAGEMENT, ROUTING, AND CONTROL OF MULTIPLE DEVICES AND INTER-DEVICE CONNECTIONS

CLOUD SYSTEMS HOLDCO, LLC...

1. An apparatus for controlling an environment, comprising:a server configured to host a database that includes information describing a set of static connections and information describing a set of adaptable nodes and that is further configured to run a scheduling service;
a control client that is configured to control at least one output device within the environment and to communicate with the scheduling service;
a control client web application including one or more components configured to render a user interface on the control client, wherein one or more standard widgets of the user interface provide one or more standard control options based at least in part on the at least one output device and one or more specialized widgets provide one or more customizable control options based at least in part on the at least one output device;
a control switch that is configured to communicate with the control client; and
an output device configurator that is configured to send a request to access the output device to the scheduling service and through the control switch, to send configuration information to the output device, and to send control information to the output device, wherein the scheduling service is configured to manage availability of the output device for access.

US Pat. No. 10,367,911

METHODS AND SYSTEMS FOR SMART RESOURCE ALLOCATION BASED ON WORK LOCATION PREDICTIONS

UNITED SERVICES AUTOMOBIL...

1. A computerized method comprising:creating, by a processor associated with an enterprise scheduling system, a user profile associated with a user, the user profile including information relating to one or more devices associated with the user and at least one work location, wherein the work location is a physical location where the user performs work associated with an organization;
receiving, from the one or more devices associated with the user, data sufficient to determine a location of the one or more devices;
analyzing, by the processor, the data to determine a predicted work location of the user, wherein analyzing the data comprises:
determining the location of the one or more devices, and
comparing the location of the one or more devices with previously documented work locations;
optimizing, by the processor associated with an enterprise scheduling system, resources based on the predicted work location of the user and predicted work locations of other users,
wherein optimizing the resources includes adjusting at least one of staffing or parking; and
in response to determining that one or more of the resources are insufficient, sending a recommendation to the user to work at an alternative work location.

US Pat. No. 10,367,910

INSTANTANEOUS NON-BLOCKING CONTENT PURGING IN A DISTRIBUTED PLATFORM

Verizon Digital Media Ser...

1. A computer-implemented method for non-blocking content purging, the method comprising:caching a plurality of content to memory of a content distribution server with a first timestamp corresponding to a time at which each content of the plurality of content is cached to the memory;
providing, by the content distribution server, a different second timestamp to a command designating removal of particular content from said memory, wherein the particular content is part of the plurality of content cached to said memory, and wherein the second timestamp corresponds to a time at which the command is received at the content distribution server;
maintaining a copy of the particular content in said memory in response to said command and before the content distribution server receives a user request for the particular content;
receiving by the content distribution server, a user request for the particular content; and
executing by the content distribution server, a cache miss, in response to the user request, based on the first timestamp of the particular content being older than the second timestamp of the command, wherein executing the cache miss comprises replacing the copy of the particular content in said memory with an updated copy retrieved from an origin server and sending the updated copy in answer to the user request.

US Pat. No. 10,367,909

METHOD, DEVICE, AND SYSTEM FOR DISPLAYING INFORMATION ASSOCIATED WITH A WEB PAGE

Alibaba Group Holding Lim...

1. A method, comprises:receiving a web page access request;
in response to receiving the web page access request, obtaining a first web page from a first server;
displaying the first web page and obtaining designated information associated with the first web page, wherein the designated information comprises content associated with the first web page;
receiving an instruction to navigate to a second web page;
in response to receiving the instruction to navigate to the second web page, communicating the designated information to a second server associated with the second web page, wherein the designated information comprises: behavioral characteristic information associated with a user, information associated with a designated location within the first web page, or both;
receiving information associated with the second web page from the second server; and
displaying the second web page.

US Pat. No. 10,367,908

EXTENDING CACHING NETWORK FUNCTIONALITY TO AN EXISTING STREAMING MEDIA SERVER

Level 3 Communications, L...

5. An interface device, in a system for content delivery comprising a streaming media server, a caching server, and one or more storage devices accessible to the caching server, wherein the storage device stores streaming content, the interface device comprising:at least once processor;
memory, operatively connected to the at least one processor and containing instructions that, when executed by the at least one processor, cause the interface device to:
initiate retrieval, by the caching server, of at least one electronic streaming resource from the one or more storage devices in response to an end user's request for the at least one electronic streaming resource received by the streaming media server;
receive an instruction from the streaming media server that includes a first electronic resource locator of the at least one electronic streaming resource;
convert the first electronic resource locator into a second electronic resource locator, wherein the first electronic resource locator is in a streaming format and wherein the second electronic resource locator is in a different format; and
use the second electronic resource locator to initiate retrieval, by the caching server, of the at least one electronic streaming resource.

US Pat. No. 10,367,907

CONTENT DELIVERY NETWORK ARCHITECTURE WITH EDGE PROXY

Level 3 Communications, L...

1. A content delivery network comprising:a proxy cache device configured to receive a request for a resource from a user device, wherein the resource request is transmitted from the user device to the proxy cache device via a first network; and
a plurality of edge servers in communication with the proxy cache device via a second network, each of the plurality of edge servers configured to retrieve a copy of the resource in response to receiving the resource request;
wherein the proxy cache device is further configured to:
calculate a hash value based at least on the resource request;
select an edge server from the plurality of edge servers based at least on the calculated hash value;
transmit the resource request to the selected edge server; and
in response, receive a copy of the requested resource from the selected edge server via the second network.

US Pat. No. 10,367,906

METHOD AND APPARATUS FOR SECURE CONTENT DELIVERY FROM A TELECOMMUNICATION NETWORK CACHE

Telefonaktiebolaget LM Er...

1. A method of providing content over a secure connection to a subscriber device of a telecommunication network comprising:receiving a secure connection request from the subscriber device, said secure connection request being received at a first communication interface of a network data center that is internal to the telecommunication network and being directed to an external network address associated with an external content provider that is external to the telecommunication network;
determining whether or not the external content provider is registered for secure-content caching in the network data center; and
responsive to determining that the external content provider is registered:
establishing a secure session between the network data center and the subscriber device, including establishing a session key for encrypting communications over the secure session;
determining whether the content targeted by the secure connection request is available from a content cache of the network data center;
responsive to determining that the content targeted by the secure connection request is available from the content cache, delivering the content targeted by the secure connection request from the content cache to the subscriber device using the secure session; and
responsive to determining that the content targeted by the secure connection request is not available from the content cache:
initiating a takeover of the secure session by the external content provider by forwarding session information towards the external content provider via a second communication interface of the network data center, said session information including the session key, a network address of the subscriber device, and identification of the content targeted by the secure connection request; and
instructing the telecommunication network to forward all subsequent session messages from the subscriber device for the secure session towards the external content provider rather than towards the network data center.

US Pat. No. 10,367,905

INTEGRATION FRAMEWORK AND USER INTERFACE FOR EMBEDDING TRANSFER SERVICES INTO APPLICATIONS

The Western Union Company...

1. A transaction service integration system comprising:one or more content delivery network servers in a content delivery network, each content delivery network server comprising:
a processing unit comprising one or more processors;
one or more storage devices configured to receive and store a plurality of content resources representing transaction user interfaces;
a network interface configured to receive data from and transmit data to a transaction server; and
memory coupled with and readable by the processing unit and storing therein a set of instructions which, when executed by the processing unit, causes the content delivery network server to:
receive and store a plurality of content resources, from the transaction server, representing transaction user interfaces;
receive requests, from a transaction client device, for a transaction user interface;
retrieve a specific transaction user interface, in response to the requests received from the transaction client device; and
transmit the specific transaction user interface to the transaction client device;
a transaction client device, comprising:
a processing unit comprising one or more processors;
an input/output (I/O) subsystem configured to receive transaction request data; and
a network interface configured to securely communicate transaction request data to the transaction server; and
memory coupled with and readable by the processing unit and storing therein a set of instructions which, when executed by the processing unit, causes the transaction client device to:
execute a host software application configured to provide multi-party communication services via the transaction client device;
invoke, within the host software application, an integrated software component configured to provide secure transaction services;
receive a unique user identifier associated with a current user of the host software application;
receive, by the integrated software component and from the host software application, transaction sender data and transaction receiver data;
transmit, by the integrated software component, transaction sender data transaction receiver data, and an authentication request to the transaction server, wherein the authentication request includes the unique user identifier;
receive, by the integrated software component and from the transaction server, data identifying a transaction user interface and an authentication response;
retrieve, by the integrated software component, the transaction user interface from a particular content delivery network server;
render, by the integrated software component, the transaction user interface within the host software application; and
determine, based on the authentication response received from the transaction server, whether or not to require an input of user credentials via the integrated software component, prior to submitting a transaction request via the transaction user interface; and
the transaction server, wherein the transaction server comprises one or more computer servers configured to communicate with the one or more content delivery network servers and the transaction client device, wherein the one or more computer servers of the transaction server comprise:
one or more processing units, each processing unit comprising one or more processors; and
one or more memory devices respectively coupled to and readable by the one or more processing units, the memory devices storing therein one or more sets of instructions which, when executed by the processing units, causes one or more computer servers of the transaction server to:
transmit a plurality of content resources representing a plurality of transaction user interfaces to one or more content delivery network servers;
receive, from the integrated software component of the transaction client device, transaction sender data and transaction receiver data;
determine, based on the received transaction sender data and transaction receiver data, a transaction sender location and a transaction receiver location;
determine, based at least in part on the transaction sender location and the transaction receiver location, the transaction user interface from the plurality of transaction user interfaces;
determine a particular content delivery network server at which the transaction user interface is stored; and
transmit data identifying the transaction user interface and the particular content delivery network server, to the integrated software component.

US Pat. No. 10,367,904

CONSOLIDATED NETWORK REPOSITORY (CNR) FOR STORING DATA ASSOCIATED WITH DIFFERENT COMMUNICATION NETWORK PLATFORMS

1. A system, comprising:a processor; and
a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations, comprising:
communicating with a storage device comprising a single logical layer that stores consolidated networks data according to a single common schema, wherein the single logical layer is accessed according to the single common schema, wherein the consolidated networks data comprises first network data representative of a first network domain that operates according to a first protocol and that provides a first group of services, and second network data representative of a second network domain that operates according to a second protocol different than the first protocol and that provides a second group of services different than the first group of services;
receiving, from a first device of the first network domain, a request for a first portion of the consolidated networks data, wherein the request is formatted according to the first protocol and specifies access to the first portion according to a platform-specific database schema associated with the first network domain;
translating the request according to the single common schema that specifies access to the first portion according to the single common schema;
generating a modified request based on the translating;
using the modified request to access the storage device and retrieve the first portion; and
transmitting the first portion to the first device.

US Pat. No. 10,367,902

MEDIA RESOURCE ADDRESS RESOLUTION AND ACQUISITION METHOD, SYSTEM, SERVER AND CLIENT TERMINAL

Guangzhou UCWeb Computer ...

1. A media resource address resolution method, comprising:sending an assist resolution request from a resolution server provided separately from a server hosting a target website to a client terminal, the assist resolution request including reference address information of a media resource on the target website and causing the client terminal to acquire webpage information of the media resource from the server hosting the target website according to the reference address information; and
receiving, by the resolution server, the webpage information of the media resource returned by the client terminal; and
resolving, at the resolution server, the received webpage information of the media resource to obtain a playback address of the media resource.

US Pat. No. 10,367,901

PROACTIVE ENVIRONMENT-BASED CHAT INFORMATION SYSTEM

GOOGLE LLC, Mountain Vie...

1. A method for proactively delivering push notifications in a chat information system (CIS), the method comprising:identifying, by a processor of a user device operatively coupled to a memory of the user device, at least one triggering event;
receiving, at the user device, a push notification comprising metadata for the user device to submit to a networked server;
in response to the push notification being opened by a user via interacting with the user device, generating, by the processor, a request to obtain information associated with the at least one triggering event from the networked server, wherein the request comprises the metadata of the push notification;
receiving, at the user device and from the networked server, information in response to the request;
generating, by the processor of the user device, a push notification message for the user, wherein the push notification message contains the information received from the networked server and is associated, at least in part, with the at least one triggering event; and
providing, by the processor of the user device, the push notification message to the user.

US Pat. No. 10,367,900

PRESENCE NOTIFICATIONS

Metaswitch Networks Ltd.,...

1. A method for operating a presence service to provide presence information on behalf of a first telecommunications device, the method comprising:creating a virtual presence notification roster on behalf of the first telecommunications device upon determining that the first telecommunications device does not take part in presence notification, the first telecommunications device being coupled to a first telecommunications server;
receiving, by the presence service and from the first telecommunications server, a status notification comprising a status indication for the first telecommunications device;
generating and storing presence data based at least in part on the status indication;
receiving, by the presence service and from a second telecommunications device, a subscription to presence information for the first telecommunications device;
sending, by the presence service, a presence notification to the second telecommunications device comprising presence information for the first telecommunications device based at least in part on the status indication;
receiving, by the presence service, a message from the first telecommunications device for participating in presence notification; and
replacing the virtual presence notification roster created on behalf of the first telecommunications device with a normal presence notification roster for the first telecommunications device.

US Pat. No. 10,367,899

SYSTEMS AND METHODS FOR CONTENT AUDIENCE ANALYSIS VIA ENCODED LINKS

BITLY, INC., New York, N...

1. A system for analyzing online content audience, comprising:at least one server of a content audience analysis system, configured to:
generate a first set of encoded links for accessing first resources of a first content publisher and a second set of encoded links for accessing second resources of second content publishers;
receive a plurality of requests to access the first set of encoded links linked to the first resources of the first content publisher, each request to access an encoded link of the first set of encoded links from a client device of unique client devices identifying i) a source uniform resource locator (URL) identifying a resource on which the encoded link of the first set of encoded links was presented and ii) a cookie of the content audience analysis system that is unique to the client device;
identify, from each request of the plurality of requests to access the first set of encoded links, a source content publisher of the first content publishers corresponding to the resource identified by the source URL;
identify, from the plurality of requests to access the first set of encoded links, a plurality of cookies of the content audience analysis system assigned to the unique client devices;
identify the second content publishers having the second resources that were accessed by the unique client devices via the second set of encoded links linked to the second resources of the second content publishers based on the plurality of cookies identified from the plurality of requests to access the first set of encoded links linked to the first resources of the first content; and
provide, to the first content publisher, data corresponding to the identified second content publishers having the second resources accessed by the unique client devices that also accessed the first resources of the first content publisher.

US Pat. No. 10,367,898

INTEREST PROFILES FOR AUDIO AND/OR VIDEO STREAMS

1. A method comprising:in response to an aggregate interest profile associated with a first streaming media item indicating that the first streaming media item is high quality, saving the first streaming media item to a memory, wherein the aggregate interest profile aggregates a first interest profile for the first streaming media item provided by a second user and a second interest profile for the first streaming media item provided by a third user;
in response to a second aggregate interest profile associated with a second streaming media item indicating that the second streaming media item is not high quality, not saving the second streaming media item to the memory;
sending, from a processor, a recommendation for the first streaming media item to a device associated with a first user;
determining, at the processor, a difference between the first interest profile and the second interest profile, the difference associated with a portion of the first streaming media item;
comparing, at the processor, the difference to a threshold value; and
in response to the difference exceeding the threshold value and after sending the recommendation, transmitting, from the processor, a first indication associated with the first streaming media item based on the difference to the device, wherein the first user, the second user, and the third user are distinct users.

US Pat. No. 10,367,897

METHOD AND APPARATUS FOR RELEASING SERVICES IN STAGES

TENCENT TECHNOLOGY (SHENZ...

1. A method for releasing services on a server in stages, the method comprising:setting a number of accounts that can access a new service and releasing the new service to the accounts in a first time period;
setting an access rate for the new service and releasing the new service in accordance with the access rate in a second time period, wherein the access rate indicates a number of accesses to the new service per unit time; and
releasing the new service to the entire server in a third time period,
wherein releasing the new service in accordance with the access rate comprises:
determining a value of the access rate;
when an actual number of access requests received by the server during a unit time is greater than the value of the access rate, directing a portion of the actual number of access requests that are over the value of the access rate to an old service corresponding to the new service,
wherein setting the access rate for the new service and releasing the new service in accordance with the access rate further comprises:
setting an initial access rate and a maximum access rate for the new service; and
increasing the access rate for the new service from the initial access rate to the maximum access rate during the second time period.

US Pat. No. 10,367,896

SERVICE LAYER SESSION MIGRATION AND SHARING

Convida Wireless, LLC, W...

1. A node comprising a processor, a memory, and communication circuitry, the node being connected to a communications network via its communication circuitry and operating as a gateway or server in the network, the node further including computer-executable instructions stored in the memory of the node which, when executed by the processor of the node, perform functions of an instance of a service layer of the network and cause the node to:store, in the memory of the node, context comprising information concerning a communication session established between the service layer instance of the node and an application executing on a second node connected to the network; and
in response to a trigger condition indicating that the communication session between the service layer instance of the node and the application of the second node is to be migrated to or shared with a third node, transmit the stored context for the communication session from the node to a service layer instance executing on the third node.

US Pat. No. 10,367,894

INFORMATION PROCESSING APPARATUS, METHOD FOR CONTROLLING THE SAME, NON-TRANSITORY COMPUTER-READABLE STORAGE MEDIUM, AND INFORMATION PROCESSING SYSTEM

CANON KABUSHIKI KAISHA, ...

1. An information processing system that performs communication between an image forming apparatus and an information processing apparatus via a relay server,the information processing apparatus comprising:
a plurality of communication clients respectively capable of communicating by different communication protocols; and
a first communication control unit that sets a local host as a connection destination, creates a first communication socket by designating a predetermined port, activates one communication client out of the plurality of communication clients, and in communication between the activated communication client and the relay server, adjusts and relays communication data between HTTP and the corresponding communication protocol via the first communication socket,
wherein at least one of the plurality of communication clients and the first communication control unit is implemented by at least one processor and a memory, and
the image forming apparatus comprising:
a plurality of communication servers respectively capable of communicating by different communication protocols; and
a second communication control unit that sets a local host as a connection destination, creates a second communication socket to one communication server out of the plurality of communication servers by designating a predetermined port designated from the information processing apparatus, and in communication between the communication server and the relay server, adjusts and relays communication data between HTTP and the corresponding communication protocol via the second communication socket,
wherein at least one the plurality of communication servers and the second communication control unit is implemented by at least one processor and a memory.

US Pat. No. 10,367,893

METHOD AND APPARATUS OF PERFORMING PEER-TO-PEER COMMUNICATION ESTABLISHMENT

OPEN INVENTION NETWORK LL...

1. A method comprising:establishing an initial TCP data connection between a first network device and a second network device via a third network device;
transmitting, via the initial TCP data connection, a rendezvous message from the first network device to the third network device;
sending, via the first network device, parallel TCP/user datagram protocol data transfer (UDT) connection messages to attempt a connection with each local interface of the third network device, based on information contained in the rendezvous message;
identifying, via the first network device, an optimal connection based on performance information associated with each connection attempt;
establishing a peer-to-peer (P2P) data connection between the first network device and the second device based on the identified optimal connection, the P2P data connection being independent of the third network device;
transferring a request to the third network device over the initial TCP data connection to connect the first network device with the second network device via the P2P connection;
responsive to receiving the request, listening on a specific port for incoming connection communications from the third network device and executing a script on the second network device via the third network device that performs downloading of dynamic linked libraries (DLLs) from the third network device to the second network device; and
transferring data messages between the first network device and the second network device via the P2P connection.

US Pat. No. 10,367,892

SYSTEM AND METHOD FOR AGGREGATING COMMUNICATION CONNECTIONS

WHATSAPP INC., Menlo Par...

1. A method, comprising:receiving an alert message at a client device from a communication system, the alert message indicating that a communication for the client device has been received at the communication system from a second client device;
opening a messaging application on the client device in response to the alert message;
connecting the client device to the communication system at an address included in the alert message; and
receiving the communication via the connection, wherein the address included in the alert message is the address of a communication server connected to the second client device that sent the communication to the communication system;
wherein the alert message is received when the client device is off-line from the communication system.

US Pat. No. 10,367,891

SYSTEM AND METHOD FOR IMPROVING EFFICIENCY OF SSL/TLS CONNECTIONS

CITRIX SYSTEMS, INC., Fo...

1. An appliance of a cluster of appliances, the appliance comprising:one or more network interfaces configured to facilitate a first secure session between a client device and the appliance and a second secure session between the appliance and a server; and
a secure session exchange module configured to:
provide a message that includes an initialization indicator for broadcasting to one or more other appliances of the cluster of appliances when a new connection request is received from the client device, the message indicating that the appliance is acting as a primary instance for the server among the one or more other appliances and is responsible for performing a full handshake procedure with the server, and
acquire at least one session-related parameter through the full handshake procedure for a secure layer with the server, wherein a network interface of the one or more network interfaces is configured to send the at least one session-related parameter to one or more other appliances for use by the one or more other appliances to perform a shortened handshake by reusing the at least one session-related parameter.

US Pat. No. 10,367,890

MAINTAIN SINGLE SESSION WITH A SINGLE APPLICATION ACROSS MULTIPLE CLIENTS

Oracle International Corp...

1. A method for facilitating interaction between computing sessions, the method comprising:initiating a first session with a first application;
providing interface information to the first application via the first session, wherein the interface information characterizes a second session with a second application;
causing the first application to use the second application by employing the interface information that characterizes the second session of the second application in one or more messages transferred from the first application to the second application, wherein causing further includes:
causing the first application to use functionality of the second application, wherein the functionality of the second application is accessed by the first application using the first session and the interface information that characterizes the second session of the second application, thereby causing a request message from the first session to the second session to appear to the second application as coming from the second session.

US Pat. No. 10,367,889

SMART ROUTING FOR ON-VEHICLE TELEMATICS PROTOCOL

FORD GLOBAL TECHNOLOGIES,...

1. A vehicle system comprising:a gateway including a database and configured to transfer messages between a plurality of controllers, each controller connected to one of a plurality of nodes, the gateway further configured to:
broadcast, to all the nodes, a request message received from a first controller for receipt by a second controller;
receive, from a first node, a response message from the second controller for receipt by the first controller; and
link, in the database, the first node and the second controller.

US Pat. No. 10,367,888

CLOUD PROCESS FOR RAPID DATA INVESTIGATION AND DATA INTEGRITY ANALYSIS

FAIR ISAAC CORPORATION, ...

1. A method comprising:receiving summary statistics computed by at least executing one or more analytical processes on a dataset stored in parts across a set of memory based compute nodes, each compute node finding partial statistics of a data part stored on the respective compute node, the partial statistics representative of a respective data part;
storing the summary statistics in a random access memory associated with a server computer, the random access memory being accessible by at least one of the compute nodes, the summary statistics being a combination of the partial statistics and representative of a full dataset;
identifying, for pre-model building data understanding, outlier data by comparing subsets of data in the dataset, the identified outlier data accessible to a predictive model;
generating a graphical representation of at least some summary statistics stored in the random access memory; and
formatting the graphical representation of at least some summary statistics for transmission to and display by one or more client computers.

US Pat. No. 10,367,887

DATA STORAGE SYSTEM AND DATA STORAGE METHOD THEREOF

ACCELSTOR LTD., Taipei (...

1. A data storage system, configured to be connected to at least one client, the data storage system comprising:a first server comprising a processor and memory, connected to a transmission line, the first server comprising:
a first data pool; and
a first controller, configured to operate in an active mode and an alone mode, wherein in the active mode, the first controller receives multiple pieces of to-be-stored data from the at least one client, and the first controller stores the pieces of to-be-stored data in the first data pool, and sends the pieces of to-be-stored data through the transmission line; and
a second server comprising a processor and memory, connected to the transmission line, wherein the second server is connected to the first server through the transmission line, and the second server comprises:
a second data pool; and
a second controller, configured to operate in the active mode and a rejection mode, wherein in the active mode, the second controller receives the pieces of to-be-stored data through the transmission line, and the second controller stores the pieces of to-be-stored data in the second data pool;
wherein when the second controller operates in the active mode, the second controller receives other pieces of to-be-stored data from the at least one client, and the second controller stores the other pieces of to-be-stored data in the second data pool, and sends the other pieces of to-be-stored data through the transmission line; and when the first controller operates in the active mode, the first controller receives the other pieces of to-be-stored data through the transmission line, and stores the other pieces of to-be-stored data in the first data pool;
wherein in the rejection mode, the second controller does not receive each piece of to-be-stored data sent by the at least one client, so that the first controller receives each piece of to-be-stored data in the alone mode, stores each piece of to-be-stored data in the first data pool, and the first controller does not send each piece of to-be-stored data through the transmission line.

US Pat. No. 10,367,886

INFORMATION PROCESSING APPARATUS, PARALLEL COMPUTER SYSTEM, AND FILE SERVER COMMUNICATION PROGRAM

FUJITSU LIMITED, Kawasak...

1. An information processing apparatus among a plurality of information processing apparatuses that perform parallel computing processing in a parallel computer system, wherein the information processing apparatuses are coupled to each other and also coupled to a file server, the information processing apparatus comprising;a memory, and
a processor coupled to the memory and configured to execute a process comprising:
determining a data length of target data associated with input/output requests between the information processing apparatus and the file server;
determining a coordinate vector of the information processing apparatus;
receiving data lengths and coordinate vectors from each of other information processing apparatuses among the information processing apparatuses;
calculating a centroid position of the information processing apparatuses based on the determined data length, the determined coordinate vector, and the received data lengths and coordinate vectors from each of the other information processing apparatuses;
determining a specific information processing apparatus, from among the information processing apparatuses, which is nearest to the calculated centroid position; and
when the specific information processing apparatus is determined to be the information processing apparatus, at least one of receiving and transmitting data identified in subsequent input/output requests between the file server and two or more of the other information processing apparatuses.

US Pat. No. 10,367,885

METHODS FOR USING EXTRACTED FEATURES TO PERFORM AN ACTION ASSOCIATED WITH SELECTED IDENTIFIED IMAGE

Network-1 Technologies, I...

1. A method comprising:(a) receiving, at a computer system from a user electronic device, a query related to an image obtained from the user electronic device;
(b) receiving, at the computer system, one or more extracted features of the image, wherein the one or more extracted features include a compact representation of at least a portion of the image related to one or more blocks of pixels of the image;
(c) identifying, using the computer system, one or more annotations associated with the image;
(d) identifying, at the computer system, one or more other images related to the image by comparing the one or more extracted features from the image with reference features from a first plurality of reference works using a sub-linear search of reference features that identifies one or more matches to the image but does not guarantee to identify an exact match to the image, wherein the first plurality of reference works are organized using a clustering technique based on annotations including the one or more annotations to eliminate a second plurality of reference works from being searched;
(e) providing, by the computer system to the user electronic device, the identified one or more other images along with action information associated with the identified one or more other images, wherein the action information is related to an action to be performed at the user electronic device;
(f) receiving, at the computer system from the user electronic device, a selection of one of the identified one or more other images; and
(g) providing, to the electronic device, machine readable instructions for performance of the action associated with the selected one of the identified one or more other images.

US Pat. No. 10,367,884

CONTENTS SHARING METHOD BETWEEN MOBILE TERMINAL AND LOCAL SERVER

SAMSUNG ELECTRONICS CO., ...

1. A method of communicating metadata of contents at an electronic device, the method comprising:receiving the metadata of the contents from a first device;
receiving a contents share service request if the electronic device is determined to be located within a predetermined area;
transmitting a response to the contents share service request for an approval of contents share service; and
establishing a communication channel with a second device, wherein the communication channel is a traffic channel available to the second device;
receiving metadata from the second device; and
transmitting the metadata information of the contents to the second device based on a result of matching the metadata of the contents from the first device and the metadata from the second device.

US Pat. No. 10,367,883

COMPUTING RESOURCE MANAGEMENT USING DEDICATED LEADERSHIP POOL

Nutanix, Inc., San Jose,...

1. A method comprising:responsive to a request for an instance of a service to serve in a leadership role, requesting, by the instance of the service, an amount of resources from a dedicated leadership resource pool based on an expected increase in resources to perform the leadership role, wherein the dedicated leadership resource pool is available only to services serving in leadership roles;
accepting the request to serve in the leadership role when the amount of resources are available in the dedicated leadership resource pool; and
denying the request to serve in the leadership role when the amount of resources are unavailable in the dedicated leadership resource pool.

US Pat. No. 10,367,882

OFFLINE CONTENT DISTRIBUTION NETWORKS

PCCW Vuclip (Singapore) P...

1. One or more non-transitory computer-readable media storing instructions that, when executed by one or more computing devices, cause performance of:receiving a collection of media content at a first mobile device, the collection including a plurality of videos;
executing a local content server at the first mobile device, the first mobile device configured to accept local connections from other mobile devices, the first mobile device storing the collection of media content;
establishing a local connection between the first mobile device and a given mobile device;
receiving, at the first mobile device, data from a content access client application on the given mobile device;
based on the data from the content access client application, the first mobile device recognizing the given mobile device as being provisioned for access to content from the collection;
responsive to the local content server recognizing that the given mobile device has been provisioned for access to content from the collection, the first mobile device transmitting one or more media content items from the collection of media content to the given mobile device over the local connection, the one or more media content items including at least one video.

US Pat. No. 10,367,880

METHOD AND SYSTEM FOR PRESENTING MEDIA CONTENT

1. A media portal device, comprising:a processing system including a processor; and
a memory that stores executable instructions that, when executed by the processing system, facilitate performance of operations, comprising:
receiving a selection of media content from a first communication device, the selection of media content identifying selected media content;
receiving a selection of a media content type from the first communication device, the selection of the media content type identifying a selected media content type option from a plurality of available media content type options for the selected media content, each media content type option corresponding to a different one of a plurality of media content types;
submitting a first request to a second communication device, to accept or decline the selected media content according to the selected media content type option, wherein reception of the first request causes the second communication device to pause a program being presented at the second communication device;
responsive to an acceptance of the first request submitted to the second communication device, storing a metadata pointer associated with the selected media content for use by the second communication device, wherein the acceptance of the first request causes the second communication device to store a notation in a media library of the second communication device, and wherein the notation includes a name associated with the selected media content as defined at the second communication device; and
responsive to receiving a second request from the second communication device for the selected media content:
retrieving the selected media content from a media content source according to the metadata pointer,
processing the selected media content according to the selected media content type option by removing a portion of the selected media content that corresponds to a second media content type option of the plurality of available media content type options to produce processed media for presentation to the second communication device, and
providing the processed media to the second communication device,
wherein the receiving of the second request is responsive to a selection of the name from the media library at the second communication device.

US Pat. No. 10,367,879

DOWNLOAD PRIORITIZATION

Apple Inc., Cupertino, C...

1. A non-transitory machine-readable medium containingexecutable program instructions which when executed by a device cause the device to perform a method comprising:
receiving, from one or more processes running on the device, a plurality of download requests, wherein each download request corresponds to a request for a respective object;
determining a priority hint associated with a process running on the device;
scheduling, based on at least the priority hint associated with the process, a download request from the plurality of download requests;
based on the scheduling of the download request, starting a download process using the scheduled download request to download an object corresponding to the download request;
determining that a change has occurred in the priority hint during the download process;
based on determining that the change occurred, changing a characteristic of the download process; and
storing the object corresponding to the download process.

US Pat. No. 10,367,878

OPTIMIZATION OF PATH SELECTION FOR TRANSFERS OF FILES

BMC Software, Inc., Hous...

1. A system for network path selection for transfers of files within a computing network, including instructions stored on a non-transitory computer readable storage medium and executable by at least one processor, the system comprising:a file transfer manager implemented at a first data center, wherein the file transfer manager is configured to cause the at least one processor to transfer a file from a source computing device to a target computing device, the source computing device being communicatively coupled to the first data center, the target computing device being communicatively coupled to a second data center, wherein the file is associated with file metadata, and with an organization, the file metadata including one or more checksum values and information about the file, the file metadata including security-related metadata and transfer latency metadata,
wherein the file transfer manager is configured to cause the at least one processor to:
intercept, via an application programming interface (API), an operating system call issued at the source computing device, the intercepted operating system call including a file transfer request for transferring the file;
determine whether or not the file already exists at the target computing device based on the one or more checksum values;
compute network metadata about the network conditions of a private wide area network (WAN) and of a plurality of publicly available data hosting services in response to the determination that the file does not already exist at the target computing device, the network metadata including information representing available network bandwidth on the private WAN and available network bandwidth on the plurality of publicly available data hosting services, wherein the private WAN is a computer network administered by the organization, and each of the plurality of publicly available data hosting services is a network that is not administered by the organization; and
programmatically select either the private WAN or one of the plurality of publicly available data hosting services for transferring the file by executing path decision logic, wherein the path decision logic includes decision criteria specifying weights applied to the security-related metadata and the transfer latency metadata, wherein the security-related metadata is associated with a higher weight than the transfer latency metadata,
wherein, in response to the selection of one of the plurality of publicly available data hosting services for transferring the file, the file transfer manager is configured to cause the at least one processor to:
upload the file to the selected publicly available data hosting service;
transfer configuration data to the second data center, the configuration data including information for accessing the selected publicly available data hosting service, the configuration data including a digital certificate;
instruct the second data center to download the file from the selected publicly available data hosting service using the configuration data; and
instruct the second data center to transfer the file from the second data center to the target computing device.

US Pat. No. 10,367,877

SYSTEM AND METHOD FOR IDENTIFYING PUBLICLY AVAILABLE CAMERAS

Purdue Research Foundatio...

1. A method for identifying network cameras, comprising:(a) receiving name of an organization by one or more processors;
(b) performing an internet search via a script for the name associated with the organization by the one or more processors, thereby generating a plurality of website Hypertext Markup Language (HTML) listings, and parsing each of the generated HTMLs to identify a range of internet protocol (IP) addresses for the associated organization by the one or more processors;
(c) querying each IP address in the range of the IP addresses by the one or more processors;
(d) receiving a response from each queried IP address by the one or more processors;
(e) verifying the received response is from a camera by obtaining an image file from the IP address and analyzing the image file by the one or more processors; and
(f) adding the IP address to a list of identified cameras upon verification by the one or more processors.

US Pat. No. 10,367,876

ENVIRONMENTALLY ADAPTIVE AND SEGREGATED MEDIA PIPELINE ARCHITECTURE FOR MULTIPLE STREAMING SESSIONS

AVAST SOFTWARE S.R.O., P...

1. A method for providing an adaptive media pipeline, the method comprising:receiving, by a computing device, a connection request from an endpoint device;
in response to receiving the connection request, establishing, by the computing device, a remote desktop, a trusted mobile instance, and a delivery handler, wherein the trusted mobile instance is established within an isolation layer of the computing device and the delivery handler is established within a media pipeline service of the computing device, wherein the isolation layer is comprised of a group of one or more processes segregated from at least one process of the delivery handler, and wherein the group of processes of the isolation layer shares at least one computing resource of the computing device with the at least one process of the delivery handler;
retrieving, by the trusted mobile instance, media content of the remote desktop;
sharing, by the trusted mobile instance, the retrieved media content with the delivery handler using a shared memory buffer interconnected between the trusted mobile instance and the delivery handler;
determining, by the delivery handler, quality of service parameters, wherein said quality of service parameters comprise at least one of an encoding rate, an encoding format, a rendering or frame rate, and a screen resolution; and
providing, by the computing device via the delivery handler, the media content to the endpoint device in accordance with the quality of service parameters.

US Pat. No. 10,367,875

METHOD AND SYSTEM FOR DYNAMIC RATE ADAPTATION OF A STREAM OF MULTIMEDIA CONTENTS IN A WIRELESS COMMUNICATION NETWORK

Telecom Italia S.p.A., M...

1. A method of downloading a multimedia content from a server to a client device through a wireless communication network, the multimedia content being subdivided into a plurality of portions and for each portion the server storing a plurality of versions thereof each of which is encoded with a specific encoding quality, the method comprising:selecting, by the client device and among the plurality of versions of each portion of the multimedia content, a version of the portion of the multimedia content to be downloaded based on wireless communication parameters determined at at least two different layers of a wireless communication network OSI protocol stack at the client device, wherein the wireless communication parameters determined at the at least two different layers of the wireless communication network OSI protocol stack at the client device comprise first wireless communication parameters determined at an application layer of the OSI protocol stack, and wherein the first wireless communication parameters comprise a streaming service quality of the download of the multimedia content from the server to the client device determined at the application layer of the OSI protocol stack.

US Pat. No. 10,367,874

MPEG-DASH DELIVERY OVER MULTICAST

Verizon Patent and Licens...

1. A method comprising:receiving, by a first network device of a multicast network, a program including audio and video data;
generating, by the first network device, Moving Picture Experts Group (MPEG) Dynamic Adaptive Streaming over Hypertext Transfer Protocol (HTTP) (MPEG-DASH) segments that have multiple bit rates in response to the receiving;
transmitting, by the first network device and to a second network device of the multicast network, first packets that include the MPEG-DASH segments in response to the generating;
dividing, by the second network device, each of the MPEG-DASH segments into first multiple slices of program data, wherein the program data includes a portion of the audio and video data;
generating, by the second network device, a first header for each first slice of the first multiple slices, wherein the first header includes sequence information;
multicasting, by the second network device and to a third network device of the multicast network, second packets that include first headers and the first multiple slices of each of the MPEG-DASH segments;
assembling, by the third network device, the MPEG-DASH segments based on the first headers and the first multiple slices;
dividing, by the third network device, each of the MPEG-DASH segments into second multiple slices of the program data;
encapsulating, by the third network device, the second multiple slices of the program data into third packets;
generating, by the third network device, forward error correction packets pertaining to the third packets, wherein the generating of the forward error correction packets pertaining to the third packets comprises:
selecting, by the third network device, P packets from the third packets, wherein P is a numerical value and the P packets are consecutively and sequentially ordered based on the second multiple slices of the program data;
dividing, by the third network device, the P packets into S sub-groups of packets, wherein S is a numerical value, and wherein each sub-group includes a sub-group of packets of the P packets and the sub-group of packets are not consecutively and sequentially ordered; and
generating, by third network device, a sub-group of forward error correction packets for each sub-group based on the sub-group of packets within each sub-group of S sub-groups; and
multicasting, by the third network device and to a user device of a multicast, the third packets and the forward error correction packets.

US Pat. No. 10,367,873

METHOD OF COMMUNICATING DATA PACKETS WITHIN DATA COMMUNICATION SYSTEMS

GURULOGIC MICROSYSTEMS OY...

1. A data communication system comprising:at least one transmitter that is configured to communicate data packets via a data communication network and/or a data carrier to at least one receiver,
wherein the at least one transmitter is configured to select from a plurality of mutually different types of data having mutually different priorities, wherein the mutually different priorities include a highest priority and a plurality of lower priorities lower than the highest priority, and
wherein the at least one transmitter is configured to include a plurality of data types having mutually different priorities within at least one of the data packets by iteratively selecting from among the plurality of mutually different types of data, wherein each iteration includes selecting a data type having a priority that is highest among priorities of data types available to be selected in such iteration, wherein in at least one iteration the selected data type has a priority included in the plurality of lower priorities.

US Pat. No. 10,367,872

CLOUD-BASED VIDEO DELIVERY

Brightcove, Inc., Boston...

1. A method of making media content available for delivery via a data communications network, the method comprising:receiving, via a communications interface, a request to make media content available for delivery;
obtaining, via the communications interface, a media file having the media content;
determining a plurality of media profiles, based on the request, wherein:
each media profile of the plurality of media profiles determines one or more video playback properties of a respective output media file; and
the plurality of media profiles includes:
a first set of media profiles, and
a second set of media profiles;
transcoding, with a processing unit, the media file in accordance with the first set of media profiles to create a first set of output media files;
transcoding, with the processing unit, the media file in accordance with the second set of media profiles to create a second set of output media files, wherein the second set of output media files includes an output media file having one or more video playback properties different than each output media file of the first set of output media files;
subsequent to creating the first set of output media files, sending the first set of output media files to one or more distributed servers; and
subsequent to sending the first set of output media files to the one or more distributed servers, and prior to completing the transcoding of the media file in accordance with the second set of media profiles, sending a notification that the media content is available for delivery using at least the first set of media profiles, based on a determination that the media file has been transcoded in accordance with the first set of media profiles.

US Pat. No. 10,367,871

SYSTEM AND METHOD FOR ALL-IN-ONE CONTENT STREAM IN CONTENT-CENTRIC NETWORKS

Cisco Technology, Inc., ...

1. A computer-executable method for assembling a single content stream that enables downloading of a content collection using the single content stream over a content-centric network, comprising:receiving, from a requester, a set of Interests under a same namespace;
obtaining the content collection that includes a plurality of content components, wherein each content component has a modification time;
generating a manifest for the content collection, wherein a respective entry in the manifest corresponds to a content component;
determining, from the plurality of content components, which content components to include in the single content stream; and
assembling the single content stream by including the manifest followed by the plurality of content components in order,
wherein the manifest and the content components are packaged into objects under the same namespace as the set of Interests,
wherein each of the objects specifies a same name prefix, and each of the Interests specifies the same name prefix as the objects,
wherein a content component includes a second single content stream, and wherein the second single content stream includes a second manifest,
wherein one or more content components that are required for rendering the content collection are placed at a beginning of the single content stream, and
wherein the plurality of content components are placed in order based on the modification times with the content component having the most recent modification time or the least recent modification time placed first.

US Pat. No. 10,367,870

CONFERENCING SYSTEM AND METHOD IMPLEMENTING VIDEO QUASI-MUTING

RingCentral, Inc., Belmo...

1. A first communication portal in a video conferencing session with a second communication portal via a network, the first communication portal being configured to:transmit live video stream of a participant to the second communication portal for presentation on a display thereof;
receive a control instruction from the participant to stop transmitting the live video stream;
selectively transmit a video clip showing the participant for playback on the display based on the received control instruction;
receive a second control instruction from the participant to resume transmitting live video stream;
selectively inhibit the video clip from being played back on the display based on the second control instruction; and
selectively resume transmitting live video stream of the participant to the second communication portal for presentation on the display thereof based on the second control instruction.

US Pat. No. 10,367,869

REMOTE VEHICLE CONTROL AND OPERATION

FORD GLOBAL TECHNOLOGIES,...

1. A system, comprising:a computer at a remote site, the computer comprising a processor and a memory; and
a vehicle computer onboard a vehicle, the vehicle computer and the vehicle geographically remote from the computer and the remote site, the vehicle operable by an operator of the computer at the remote site, whereby the operator is geographically remote from the vehicle and the vehicle computer;
wherein the memory of the computer at the remote site stores instructions executable by the processor of the computer at the remote site to:
receive a plurality of data streams from the vehicle via the vehicle computer, at least some of the data streams including multimedia data;
determine an available bandwidth and a bandwidth consumption of each of the data streams;
perform a prioritization of the data streams according to one or more factors including at least data describing the operator at the remote site operating the vehicle and the available bandwidth, the prioritization including an identification of one of the data streams having a higher priority than another of the data streams based on sensor data indicating behavior of the operator at the remote site; and
instruct the vehicle computer to at least one of adjust at least one of the data streams and prevent transmission of at least one of the data streams to the computer according to the prioritization.

US Pat. No. 10,367,868

LOCATION-BASED PLAYLIST

Sonos, Inc., Santa Barba...

1. A method comprising:causing, via a mobile device, one or more servers of a media streaming service to generate a location-based playlist of multiple audio tracks, wherein causing the one or more servers to generate the location-based playlist comprises sending, via a network interface of the mobile device over one or more networks to the one or more servers, location messages indicating respective GPS coordinates of one or more locations, wherein the one or more servers add each audio track being played by at least one playback device that is co-located with the mobile device at the one or more locations to the location-based playlist when the respective audio track is played back such that the location-based playlist defines a playback sequence;
after generating the location-based playlist, causing, via the mobile device, a graphical interface to display, in a media playback application of the media streaming service, a graphical representation of the location-based playlist;
receiving, via the mobile device, an input indicating a selection of the generated location-based playlist;
transmitting, via the network interface of the mobile device over one or more networks to the one or more servers, a request for information associated with audio tracks in the selected location-based playlist;
receiving, via the network interface of the mobile device over the one or more networks from the one or more servers of the media streaming service, the requested information associated with the audio tracks in the selected location-based playlist, the information indicating at least the respective location of the mobile device when each audio track of the location-based playlist was added to the location-based playlist;
causing, via the mobile device, the graphical interface to display the requested information associated with the audio tracks in the location-based playlist; and
playing back the location-based playlist on the mobile device, wherein playing back the location-based playlist on the mobile device comprises streaming the multiple audio tracks from the media streaming service.

US Pat. No. 10,367,867

IN-BAND QUALITY DATA

Imagination Technologies ...

1. A method of transmitting data in a media stream to a receiving device, the media stream being in accordance with a media streaming protocol which defines a data structure comprising a type identifier field for specifying a type of data contained within the data structure, wherein the type identifier field is settable to a first type identifier or a second type identifier different from the first type identifier, the method comprising:determining whether or not the receiving device is capable of processing data in a data structure having the type identifier field set to the second type identifier, wherein if it is determined that the receiving device is capable of processing data in a data structure having the type identifier field set to the second type identifier, the method further comprising:
generating data of a first type, the first type being associated with the first type identifier in accordance with said protocol;
encapsulating the generated data in a data structure defined by said protocol;
setting the type identifier field of the data structure to the second type identifier;
forming a packet comprising the data structure; and
transmitting the packet in the media stream.

US Pat. No. 10,367,866

SYSTEMS AND METHODS FOR AUTOMATION FALLBACK

Grass Valley Canada, Tor...

1. An automation fallback method, comprising:receiving, by a network interface of a playout system from an automation server, a hierarchical automation schedule comprising a plurality of nodes distributed in a plurality of tiers, each node associated with at least one other node in a different tier in a parent-child relationship;
identifying, by a router of the playout system, a first item of content indicated for playback in a first node of the hierarchical automation schedule, the first node associated with a broadcast region served by the playout system;
determining, by the router, that the first item of content is not available for playback responsive to one of unsuccessful receipt of an input media stream comprising the first item of content or an absence of the first item of content in a storage device of the playout system;
iteratively searching each parent node of the first node in the hierarchical automation schedule, by the router, for a node including an identification of a second item of content, responsive to the determination that the first item of content is not available for playback;
determining, by the router, that the second item of content is available for playback responsive to one of successful receipt of a second input media stream comprising the second item of content or a presence of the second item of content in the storage device of the playout system; and
connecting a corresponding one of the second input media stream or a decoder decoding the second item of content to an output of the playout system, by the router, so as to output the second item of content.

US Pat. No. 10,367,865

ENCODINGLESS TRANSMUXING

Verizon Digital Media Ser...

1. A method comprising:obtaining encoded media content as a single file comprising a first portion containing metadata of the encoded media content, and a second portion containing binary data of the encoded media content, wherein the metadata provides information about construction of individual frames in the binary data, and wherein the binary data comprises bits of an intermixed plurality of I, P, and B frames, wherein each I frame is rendered without referencing information from other frames of the plurality of I, P, and B frames, and wherein the P and B frames are rendered by referencing information from at least one other frame of the plurality of I, P, and B frames;
determining, from processing the metadata in the first portion of the single file, positions of a set of I frames encoded by the binary data in the second portion of the single file;
mapping a first segment of the encoded media content to start from the position of a first segment I frame from the set of I frames, and a second segment of the encoded media content to start from the position of a second segment I frame from the set of I frames that is closest to a segment duration interval from the position of the first segment I frame, wherein the first segment I frame is separated from the second segment I frame by at least one other I frame from the set of I frames; and
serving the first segment over a network to a user requesting the first segment by passing a subset of the binary data from the second portion of the encoded media content file without encoding or modifying the subset of the binary data for the first segment, wherein a starting bit of the subset of the binary data for the first segment is a first bit of the first segment I frame in the binary data and an ending bit of the subset of the binary data for the first segment is a bit in the binary data that immediately precedes a first bit of the second segment I frame in the binary data.

US Pat. No. 10,367,864

ELECTRONIC DEVICE AND METHOD FOR CONTROLLING ELECTRONIC DEVICE

LG ELECTRONICS INC., Seo...

1. An electronic device comprising:a processor;
a non-transitory recording medium;
an electronic device application to communicate with a companion device; and
a WebSocket server to connect the electronic device application with a companion device application of the companion device,
wherein the WebSocket server includes a first endpoint and a second endpoint,
wherein the first endpoint connects the WebSocket server with the electronic device application of the electronic device,
wherein the second endpoint connects the WebSocket server with the companion device application of the companion device,
wherein the WebSocket server receives a first request from the electronic device application of the electronic device,
wherein the first request includes first uniform resource information including first application identification information for identifying the electronic device application and a connection between the first endpoint and a first app-endpoint of the electronic device application is established,
wherein the first app-endpoint includes the first application identification information,
wherein the WebSocket server receives a second request from the companion device application of the companion device,
wherein the second request includes second uniform resource information including second application identification information for identifying the companion device application and a connection between the second endpoint and a second app-endpoint of the companion device application is established,
wherein the second app-endpoint includes the second application identification information,
wherein the WebSocket server establishes a WebSocket connection by connecting the electronic device application with the companion device application based on a WebSocket protocol when the first app-endpoint and the second app-endpoint are the same, and
wherein the first uniform resource information and the second uniform resource information are configured without including Internet Protocol (IP) address information.

US Pat. No. 10,367,863

METHOD FOR PROVIDING DYNAMIC QUALITY OF SERVICE FOR PUSH-TO-TALK SERVICE

KODIAK NETWORKS INC., Pl...

1. A method comprising:initiating, by a push-to-talk (PTT) server, a PTT call session with a PTT client by exchanging control messages over a first bearer having first quality-of-service (QoS) parameters;
establishing, by the PTT server, a second bearer having second QoS parameters different from the first QoS parameters, wherein the establishing the second bearer is performed during at least a portion of the initiating the PTT call session;
exchanging, by the PTT server, media messages with the PTT client over the first bearer before the second bearer is established; and
exchanging, by the PTT server, the media messages with the PTT client over the second bearer in response to completion of the establishing the second bearer.

US Pat. No. 10,367,862

LARGE-SCALE PAGE RECOMMENDATIONS ON ONLINE SOCIAL NETWORKS

Facebook, Inc., Menlo P...

1. A method comprising, by one or more processors of one or more computing systems:retrieving, by one or more of the processors from one or more computer storage media, user-concept scores for a first set of users of a plurality of users, wherein the user-concept scores are associated with previous social network activities of the first set of users of the plurality of users, and wherein each user-concept score is associated with a user-concept pair that comprises a first user from the first set of users and a concept from a plurality of concepts;
generating, by one or more of the processors, a data structure comprising a concept matrix Q based on the accessed user-concept scores of the first set of users, wherein the concept matrix Q comprises a plurality of concept trait vectors corresponding to the plurality of concepts, and wherein the concept matrix Q is fixed after being determined;
selecting, by one or more of the processors and from the data structure, a subset of concepts of the concept matrix Q based on a similarity metric of the plurality of concept trait vectors of the concept matrix Q, wherein the subset of concepts is associated with one or more previous social network activities of one or more users of a second set of users, and wherein the second set of users is discrete from the first set of users;
generating, by one or more of the processors, recommendations based on recommended user-concept scores for a subset of user-concept pairs in the second set of users of the plurality of users and the plurality of concepts based on the subset of concepts of the concept matrix Q determined from the first set of users, wherein the subset of user-concept pairs in the second set of users is a random subset of user-concept pairs, wherein a recommendation-algorithm computes the recommended user-concept scores for a user-concept pair by optimizing an objective function comprising a plurality of predicted rating functions, wherein each predicted rating function is determined using a user score, a concept score, a user-bias value associated with a second user in the second set of users, and a concept-bias value associated with the concept; and
sending, to one or more client systems of one or more users of the second set of users, the recommendations for one or more concepts based on the recommended user-concept scores for the second set of users.

US Pat. No. 10,367,861

SYSTEM AND METHOD FOR DIGITAL AUDIO CONFERENCE WORKFLOW MANAGEMENT

Harman International Indu...

1. A computer-program product embodied in a non-transitory computer read-able medium that is programmed to manage a digital audio conference including a plurality of conference units and each conference unit including a microphone, the computer-program product comprising instructions to:receive first information corresponding to a layout of a venue that facilitates an audio conference for users of the plurality of conference units;
store second information corresponding to an arrangement of a plurality of seats in the venue;
associate a first conference unit of the plurality of conference units to a first seat of the plurality of seats;
transmit third information corresponding to a topic for discussion in the audio conference to the plurality of conference units and further corresponding to a duration of the topic in the audio conference;
test the microphone for the conference unit in the audio conference to determine whether the microphone for the conference unit is exhibiting a fault condition;
transmit a command to each of the plurality of conference units to disable the microphone for each of the plurality of conference units prior to testing the microphone;
control one or more first speakers within the venue to transmit a first audio signal;
control a corresponding conference unit of the plurality of conference units to activate the microphone;
receive a sampled audio signal of the first audio signal from the corresponding conference unit after controlling the corresponding conference unit to activate the microphone; and
compare a tone on the sampled audio signal to a portion of the first audio signal to determine if the microphone for the corresponding conference unit is operating properly.

US Pat. No. 10,367,860

SOCIAL NETWORKING PERMISSIONS

Oath Inc., Dulles, VA (U...

1. A computer-implemented method for enabling searches with a graphical user interface, the method comprising the following operations performed by at least one processor:identifying, based on information associated with a social network of a first user, a plurality of first relationships between the first user and a second user in the social network, the first relationships comprising direct relationships through zero intermediary users;
identifying categories associated with the first relationships based on the social networking information;
generating a composite category representative of the identified categories;
determining a portion of a contact list of the second user that is accessible to the first user based on a composite access type associated with the composite category;
generating an instruction to display a graphical user interface on a device of the first user, the graphical user interface comprising a search text field;
receiving, from the device of the first user, search criteria entered into the search text field of the graphical user interface; and
generating an instruction to transmit information associated with the contact list portion to the device of the first user based on the search criteria entered, the information instructing the device to:
(i) display information of the contact list portion to the first user with a set of graphical position indicators, the set of graphical position indicators including a graphical indication of the first user and graphical indications of the intermediary members of the social network between the first user and the contact list portion; and
(ii) enable the first user to modify the presented contact list portion by selecting whether the search criteria is applied to the social network of the first user or an entire member directory stored in a database, wherein the contact list portion is modified to include auxiliary information for members outside of the social network of the first user when the search criteria is applied to the entire member directory.

US Pat. No. 10,367,859

ORGANIZING A SYNCHRONOUS COMMUNICATION SESSION ACCORDING TO CONTEXT

INTERNATIONAL BUSINESS MA...

1. A computer hardware system, comprising: a hardware processor configured to initiate the following executable operations: detecting, based upon an input received from a user, a trigger event; identifying, based upon the trigger event, a foreground application executing within the computer hardware system when the input was received; retrieving, from the identified foreground application, a digital asset displayed in the foreground application when the input was received, the digital asset including content and metadata; analyzing the content of the digital asset to identify a list of candidate participants; displaying, within a user interface separate from the foreground application, the list; and sending, to at least one of the candidate participants selected from within the user interface, an invite for a synchronous communication session, wherein the detecting, the identifying, the retrieving, the analyzing, and the displaying are performed by a context agent executing within the computer hardware system and separate from the foreground application.

US Pat. No. 10,367,858

CONTEMPORANEOUS FEEDBACK DURING WEB-CONFERENCES

International Business Ma...

1. A computer-implemented method, comprising:initiating, by one or more processors, a web conferencing session between a host and a client, wherein the web conferencing session comprises:
receiving a presentation and transmitting the presentation to a semantic engine, wherein the semantic engine performs an automatic machine learning session to generate a presentation concepts list comprising concepts relevant to the presentation; and
progressively displaying the presentation in a thin client application on the client, wherein progression of the presentation is controlled by the host;
monitoring, by the one or more processors, on the client, during the web conferencing session, activities executed on the client;
extracting, by the one or more processors, web concepts related to the activities executed on the client;
determining, by the one or more processors, an interest level of a user of the client in the presentation, based on determining a presence or absence of a relationship of each web concept to one or more of the concepts relevant to the presentation on the presentation concepts list; and
displaying, by the one or more processors, the interest level of a user in a graphical user interface on the host.

US Pat. No. 10,367,857

MANAGING CONFERENCE-CALLS

INTERNATIONAL BUSINESS MA...

1. A computer-implemented conference call management method, the method comprising:inferring an Internet Protocol (IP) address of a new user requesting to join a call including at least one other user;
inferring a codec to stream an emulated network pattern for the call in a case where the new user were to join the call, at a network level;
measuring a call quality perceived by the at least one other user in the call, at a user end, while the emulated codec is run on the call;
measuring an impact on the call quality in a case that the new user joins the call based on the perceived call quality and the emulated network pattern; and
displaying the impact via a Graphical User Interface (GUI) for a moderator to decide whether to accept the new user to the call based on the measured impact on the call quality indicating that the call quality is sustained after accepting the new user to the call,
wherein the codec includes a dummy packet streamed on the call such that the call quality does not chance while the codec is streamed on the call, and
wherein the call quality is sustained after the new user joins the call when the perceived call quality and the emulated network pattern are unchanged.

US Pat. No. 10,367,856

FAILOVER MANAGEMENT OF SIP BASED MULTIMEDIA COMMUNICATION SESSIONS

STERLITE TECHNOLOGIES LIM...

1. A method comprising:storing, in a data store, active session information received from a first session initiation protocol (SIP) server for an active session between a first user agent and a second user agent, wherein the active session is associated with the first SIP server;
providing, by a processing device, in response to a determination that the first SIP server is unavailable, the active session information to a second SIP server to maintain continuity of the active session between the first user agent and the second user agent; and
causing the second SIP server to generate a first Re-INVITE message to provide to the first user agent and a second Re-INVITE message to provide to the second user agent, wherein the first Re-INVITE message comprises at least a portion of the active session information to continue the active session.

US Pat. No. 10,367,855

SWITCH CONTROLLER FOR SEPARATING MULTIPLE PORTIONS OF CALL

TEVNOS LLC, San Francisc...

1. A method comprising:receiving a call from an origination endpoint requesting to be connected to a remote endpoint;
receiving acceptance of the call from the remote endpoint;
separating audio of the call based on the origination endpoint and the remote endpoint where corresponding portions of the audio are generated, using a switch controller, into;
a first isolated audio portion of the audio from the origination endpoint; and
an additional isolated audio portion of the audio from the remote endpoint;
sending the first isolated audio portion to an external database;
establishing the audio of the call by merging the first isolated audio portion and the additional isolated audio portion; and
providing, to a third party, access to listen to the call and an ability to inject audio into one or more of the first isolated audio portion and the additional isolated audio portion.

US Pat. No. 10,367,853

METHOD AND ENTITY IN A LI SYSTEM FOR POSITIONING OF A TARGET CONNECTED TO A WI-FI NETWORK

Telefonaktiebolaget LM Er...

1. A method performed by a mediation function entity for enabling a Law Enforcement Agency (LEA) to determine targets' positions, said targets are connected to a WiFi network via Access Points, the method comprises steps of:the mediation function entity receiving a first Remote Authentication Dial-In User Service (RADIUS) account message for a first subscriber having been accepted access to the WiFi network via a first Access Point, wherein the mediation function entity is in a Lawful Intercept (LI) system;
the mediation function entity receiving a second RADIUS account message for a second subscriber having been accepted access to the WiFi network via a second Access Point;
the mediation function entity determining whether at least one of the first subscriber and the second subscriber is a target;
as a result of determining that the first subscriber is a target, the mediation function entity retrieving from the received first RADIUS account message RADIUS parameters corresponding to an Access Point Identifier and a Service Set Identifier (SSID);
the mediation function entity sending, to the LEA, a target identification for the first subscriber and the retrieved RADIUS parameters corresponding to the Access Point Identifier and the SSID; and
as a result of determining that the second subscriber is not a target, the mediation function entity discarding the second RADIUS account message.

US Pat. No. 10,367,852

MULTIPLEXED DEMAND SIGNALED DISTRIBUTED MESSAGING

Swim.IT Inc., San Jose, ...

1. A method programmed in a non-transitory memory of a device comprising:a. establishing one or more network connections for peer-to-peer real-time message distribution; and
b. routing one or more messages to an appropriate destination using the one or more network connections utilizing load balancing and routing functions, wherein when the one or more messages go to multiple subscribers on a single host, the one or more messages from a publisher are only sent once over the one or more network connections, and the one or more messages are broadcast locally without explicit involvement of a publisher and a subscriber to each subscriber of the multiple subscribers on the single host, wherein routing utilizes one or more links and one or more lanes, wherein at least one of the links is a synced link which enables the subscriber to receive the one or more messages from the publisher that existed prior to generation of the link.

US Pat. No. 10,367,851

SYSTEM AND METHOD FOR AUTOMATIC DATA PROTECTION IN A COMPUTER NETWORK

Microsoft Israel Research...

1. A method for operating an architecture that controls access to confidential data by executing one or more data management policies when an attempt to transform the confidential data is detected, the method being performed by a computer system that operates with the architecture, the method comprising:the computer system assigning one or more information profiles to a data item, wherein the one or more information profiles indicate a sensitivity level for the data item;
the computer system associating a defined set of one or more policies with the data item, wherein the defined set of one or more policies, when executed for the data item by the computer system, control how the data item is accessed, the control being based at least partially on the data item's indicated sensitivity level;
the computer system storing a hash value for the data item, the hash value being usable to identify the data item within the computer system in connection with one or more subsequent access events for that data item;
the computer system identifying an access event for the data item,
the computer system identifying the defined set of one or more policies that apply to the data item corresponding to the access event, based at least in part on the data item's hash value;
in response to identifying the defined set of one or more policies that apply to the data item corresponding to the access event, the computer system executing the defined set of policies for the data item to control or limit access to the data item in response to the identified access event; and
the computer system tracking execution of the defined set of policies for the data item by logging protection implementation information to a system log, wherein tracking the execution in the system log includes logging how protections were actually implemented on the data item during the execution of the defined set of policies for the data item.

US Pat. No. 10,367,850

MANAGING COMMUNICATIONS BETWEEN COMPUTING NODES

Amazon Technologies, Inc....

1. A computer-implemented method comprising:obtaining, by one or more configured computing devices of an application execution service, information indicating an access policy for use with a first computing node;
initiating, by the one or more configured computing devices, execution of the first computing node as a virtual machine hosted by a physical computing system of the application execution service; and
configuring by the one or more configured computing devices, a software component executing on the physical computing system to manage communications for virtual machines hosted by the physical computing system, wherein the configuring includes storing information on the physical computing system about the access policy for use by the software component in managing communications for the first computing node, and wherein the software component is configured to:
intercept a first communication addressed to the first computing node;
determine whether the first communication is in accordance with the access policy;
if the first communication is in accordance with the access policy, forward the first communication to the first computing node;
receive another communication indicating the first computing node as a source of the other communication;
determine whether the other communication is in accordance with the access policy; and
if the other communication is in accordance with the access policy, forward the other communication to a destination of the other communication.

US Pat. No. 10,367,849

METHOD AND SYSTEM FOR DETECTING PHISHING PAGE

Baidu Online Network Tech...

1. A method for detecting a phishing page, comprising:intercepting user data attempted to be submitted by a current page to a server;
constructing detection data having a structure identical to a structure of the user data, content of the detection data being different from content of the user data;
submitting the detection data to the server; and
determining whether the current page is a phishing page based on a response from the server;
providing a user with a risk warning in response to determining the current page being a phishing page;
receiving a feedback on the risk warning from the user;
generating a phishing website database based on the feedback; and
determining whether the current page is a phishing website by using the phishing website database, before the intercepting user data attempted by the current page to submit to the server.

US Pat. No. 10,367,848

TRANSMITTING RELAY DEVICE IDENTIFICATION INFORMATION IN RESPONSE TO BROADCAST REQUEST IF DEVICE MAKING REQUEST IS AUTHORIZED

NEC CORPORATION, Tokyo (...

1. A communication control device comprising:hardware, including a processor and memory;
a first transmission unit implemented at least by the hardware and configured to receive a broadcast request for identification information of a relay device for relaying communication from a first information processing device and transmit fake identification information of the communication control device to the first information processing device in response to a request from the first information processing device; and
a second transmission unit implemented at least by the hardware and configured to receive software information of the first information processing device and transmit identification information of the relay device to the first information processing device when the received software information is authorized.

US Pat. No. 10,367,847

ADDRESSING LOGIN PLATFORM SECURITY RISKS

International Business Ma...

1. A computer-implemented method comprising:identifying suspected fraudulent attempts being associated with a primary login platform by determining whether one or more matching sensitive information artefacts match a primary sensitive information artefact of a matching login platform;
responsive to the one or more matching sensitive information artefacts matching the primary sensitive information artefact, determining a security divergence factor between the primary login platform and each of the matching login platforms based on at least one of one or more security levels associated with each of the primary login factor and each of the matching login platforms and one or more security categories associated with each of the primary login factor and each of the matching login platform;
determining whether the security divergence factor exceeds a predefined security divergence threshold; and
responsive to identifying the one or more security developments, automatically updating the security credentials of the user to decrease the access level, increasing the security category for the primary login platform, and modifying one or more sensitive information artefacts associated with the primary login platform for the user.

US Pat. No. 10,367,846

SELECTIVELY CHOOSING BETWEEN ACTUAL-ATTACK AND SIMULATION/EVALUATION FOR VALIDATING A VULNERABILITY OF A NETWORK NODE DURING EXECUTION OF A PENETRATION TESTING CAMPAIGN

XM Cyber Ltd., Hertzliya...

1. A method for penetration testing of a networked system by a penetration testing system using both active and passive validation methods wherein the penetration testing system is controlled by a user interface of a computing device, the method for penetration testing comprising:a. receiving, by the penetration testing system and via the user interface of the computing device, one or more manually-entered inputs;
b. determining a first target network node of the networked system to be the next network node to attempt to compromise;
c. determining a first vulnerability of network nodes to be used for compromising the first target network node;
d. determining a first damage to the first target network node that can be caused by validating the first vulnerability for the first target network node by using active validation;
e. selecting a first validation method for validating the first vulnerability for the first target network node, a type of the first validation method being:
A. selected from the type group consisting of active validation and passive validation; and
B. associated with the first damage;
f. validating the first vulnerability for the first target network node using the first validation method;
g. determining a second target network node of the networked system to be the next network node to attempt to compromise;
h. determining a second vulnerability of network nodes to be used for compromising the second target network node;
i. determining a second damage to the second target network node that can be caused by validating the second vulnerability for the second target network node by using active validation;
j. selecting a second validation method for validating the second vulnerability for the second target network node, a type of the second validation method being:
A. selected from the type group consisting of active validation and passive validation;
B. associated with the second damage; and
C. different from the type of the first validation method;
k. validating the second vulnerability for the second target network node using the second validation method; and
l. reporting at least one security vulnerability of the networked system determined to exist based on results of performing steps b-k, wherein the reporting comprises performing at least one operation selected from the group consisting of: (A) causing a display device to display a report containing information about the at least one security vulnerability of the networked system, (B) storing the report containing information about the at least one security vulnerability of the networked system in a file and (C) electronically transmitting the report containing information about the at least one security vulnerability of the networked system,wherein all of steps b-l are performed by the penetration testing system, and wherein the one or more manually-entered inputs received via the user interface explicitly define at least one item selected from the group consisting of (i) a type of a validation method associated with the first damage, and (ii) a type of a validation method associated with the second damage.

US Pat. No. 10,367,845

SYSTEMS AND METHODS FOR EVALUATING INFECTION RISKS BASED ON PROFILED USER BEHAVIORS

Symantec Corporation, Mo...

1. A computer-implemented method for evaluating infection risks based on profiled user behaviors, at least a portion of the method being performed by a computing device comprising at least one hardware processor, the method comprising:collecting, by the computing device comprising the at least one hardware processor, a plurality of user-behavior profiles that comprises:
a plurality of labeled profiles that comprises:
a plurality of infected profiles, wherein each of the plurality of infected profiles comprises a profile of user behaviors that occurred at an associated infected computing system that is known to have encountered malware; and
a plurality of clean profiles, wherein each of the plurality of clean profiles comprises a profile of user behaviors that occurred at an associated clean computing system that is known to be free of malware; and
a plurality of unlabeled profiles, wherein each of the plurality of unlabeled profiles comprises a profile of user behaviors that occurred at an associated computing system that is not known to have encountered malware and not known to be free of malware;
assigning, before training a classification model to distinguish infected profiles from clean profiles, a pseudo label to each of the plurality of unlabeled profiles by:
labeling a first group of the plurality of unlabeled profiles as infected profiles based at least in part on one or more of:
a similarity between unlabeled profiles in the first group and at least one labeled profile in the plurality of infected profiles; or
a mapping of the unlabeled profiles in the first group to a first region of a feature space defined by a lowest-density region of the feature space; and
labeling a second group of the plurality of unlabeled profiles as clean profiles based at least in part on one or more of:
a similarity between unlabeled profiles in the second group and at least one labeled profile in the plurality of clean profiles; or
a mapping of the unlabeled profiles in the second group to a second region of the feature space defined by the lowest-density region of the feature space; and
training the classification model to distinguish infected profiles from clean profiles using features and labels of the plurality of user-behavior profiles;
using the classification model to predict at least one of:
a likelihood that a computing system of a user will become infected based at least in part on a profile of user behaviors of the user; or
a likelihood that a user behavior in the plurality of user-behavior profiles will result in a computing-system infection.

US Pat. No. 10,367,844

SYSTEMS AND METHODS OF NETWORK SECURITY AND THREAT MANAGEMENT

MASERGY COMMUNICATIONS, I...

12. A network security and threat management system, comprising:a computer configured to:
receive traffic information generated based, at least in part, upon an analysis of packets directed to a plurality of enterprise assets, wherein the traffic information includes a resource violation message reporting an unknown client's attempt to use an unknown protocol;
receive vulnerability information generated based, at least in part, upon an analysis of one or more of the plurality of enterprise assets;
receive vendor alert information provided by one or more third-party vendors;
continuously correlate:
the received traffic information, vulnerability information, and vendor alert information;
assign threat points to each of the plurality of security threats based, at least in part, upon the continuous correlation, wherein to assign the threat points the computer is further configured to:
upgrade the threat points associated with the given security threat in response to the traffic information being correlated with the vulnerability information;
upgrade the threat points associated with the given security threat in response to the traffic information being correlated with the vendor alert information; and
upgrade the threat points associated with the given security threat in response to the vulnerability information being correlated with the vendor alert information; and
dynamically adjust a priority of a given one of the plurality of security threats by escalating a security threat with a highest potential to be successful and modifying a risk associated with other security threats based, at least in part, upon the continuous correlation and upon an age of the given one of the plurality of security threats,
wherein escalating the security threat with the highest potential to be successful comprises identifying, based on an age of the vulnerability information, an enterprise asset of the plurality of enterprise assets being vulnerable to the security threat and the age of the vulnerability information with respect to the security threat.

US Pat. No. 10,367,843

SECURING A NETWORK

PacketSled, Inc., Santa ...

1. An apparatus comprising a non-volatile machine-readable medium storing a program having instructions which when executed by a processor will cause the processor to enhance security of a data network, the instructions of the program for:decomposing a stream of flow objects from a plurality of sensors coupled to the data network into components that are at least one of (a) oscillating, (b) exponentially growing, (c) exponentially decaying, (d) mean, and (e) stochastic;
sorting the components into categories including at least normal, anomalous known and anomalous unknown, wherein the normal category is indicative of normal behavior in the corresponding flow objects, the anomalous known category is indicative of anomalous behavior in the corresponding flow objects having a known cause, and the anomalous unknown category is indicative of anomalous behavior in the corresponding flow objects having an unknown cause; and
allowing network activity associated with normal behavior, and interdicting network activity associated with anomalous known behavior or anomalous unknown behavior;
wherein the flow objects each comprises a single alphanumeric value or a set of alphanumeric values mathematically processed from raw data collected from the plurality of sensors over time;
wherein the stream of flow objects consists of a finite dimensional nonlinear system;
wherein decomposing the stream of flow objects comprises transforming the finite dimensional nonlinear system to an infinite linear set.

US Pat. No. 10,367,842

PEER-BASED ABNORMAL HOST DETECTION FOR ENTERPRISE SECURITY SYSTEMS

NEC Corporation, (JP)

1. A method for determining a risk level of a host in a network, comprising:modeling a target host's behavior based on historical events, which include network events and process events, recorded at the target host;
determining one or more original peer hosts having behavior similar to the target host's behavior, including an iterative clustering process that assigns a set of initial cluster centroids and updates the centroids after assigning hosts to a closet cluster to identify peer hosts in a lateral space;
determining an anomaly score for the target host using a processor based on how the target host's behavior changes relative to behavior of the one or more original peer hosts over time; and
performing a security management action based on the anomaly score.

US Pat. No. 10,367,841

METHOD AND SYSTEM FOR LEARNING REPRESENTATIONS FOR LOG DATA IN CYBERSECURITY

1. A cybersecurity method comprising:forming a time based series of behavioral features comprising human engineered features by extracting at least one behavioral feature from a first set of log data retrieved over a first time segment, and extracting at least one behavioral feature from a second set of log data retrieved over a second time segment;
analyzing the time based series of behavioral features,
wherein said analyzing the time based series of behavioral features comprises using a neural network based system, a dimensionality reduction system, random forest system, or combinations thereof,
deriving machine learned features from said time based series of behavioral features through said analyzing the time based series of behavioral features; and
detecting an attack or threat to an enterprise or e-commerce system through said analyzing the time based series of behavioral features,
wherein said detecting an attack or threat comprises determining behavioral patterns indicative of said attack or threat based on the combination of said human engineered features and said machine learned features,
wherein the time based series of behavioral features is formatted into a time-based matrix, wherein each behavioral feature is associated with an entity and a time segment.

US Pat. No. 10,367,840

TECHNOLOGIES FOR SECURE PERSONALIZATION OF A SECURITY MONITORING VIRTUAL NETWORK FUNCTION

Intel Corporation, Santa...

1. A network functions virtualization (NFV) security services controller of an NFV network system for secure personalization of a security monitoring virtual network function (VNF), the NFV security services controller comprising:one or more processors; and
one or more memory devices having stored therein a plurality of instructions that, when executed by the one or more processors, cause the NFV security services controller to:
receive, from an NFV orchestrator of the NFV network system, an indication that the NFV orchestrator has provisioned a new element, wherein the indication includes identifying information usable to identify the new element;
provision a security monitoring policy as a function of the identifying information;
associate a security monitoring VNF of the NFV network system with the new element as a function of the provisioned security monitoring policy;
transmit another indication to a VNF manager responsible for managing the security monitoring VNF, wherein the other indication is usable to identify the provisioned security monitoring policy;
receive, from the security monitoring VNF and subsequent to having transmitted the other indication to the VNF manager, a message from the security monitoring VNF indicating the security monitoring policy has been successfully updated at the security monitoring VNF; and
activate the security monitoring policy for network traffic through the NFV network system.

US Pat. No. 10,367,839

GRAPHICAL USER INTERFACE PROGRAMMED TO DISPLAY COMPLEX INDICATORS BASED ON STRUCTURED THREAT EXPRESSIONS

CISCO TECHNOLOGY, INC., ...

1. A computer system for visualizing cybersecurity threat information provided by a computer network with a plurality of computing devices, the computer system comprising:a display;
one or more processors coupled to the display;
one or more non-transitory computer-readable storage media coupled to the one or more processors and storing data that represents one or more expressions and one or more sequences of instructions which when executed by the one or more processors causes the one or more processors to:
retrieve, from the storage media, the data that represents an expression comprising a plurality of observables;
parse the data that represents the expression to identify the plurality of observables, one or more Boolean operators, and one or more interdependencies between observables of the plurality of observables; wherein an interdependency, of the one or more interdependencies, determines a logical relationship between two observables, of the plurality of observables, that are concatenated using a Boolean operator of the one or more Boolean operators;
generate a plurality of observation objects that corresponds to the plurality of observables; wherein an observation object of the plurality of observation objects corresponds to a respective observable of the plurality of observables, and stores information included in the respective observable;
generate one or more Boolean graphical objects that correspond to the one or more Boolean operators; wherein two observation objects, of the plurality of observation objects, are to be concatenated using a Boolean graphical object, of the one or more Boolean graphical objects, that corresponds to a Boolean operator that concatenates respective two observables of the plurality of observables;
cause to present, in an expression visualizer portion of the display, the plurality of observation objects, contents included in the plurality of observations objects, and the one or more Boolean graphical objects connecting observation objects of the plurality of observation objects to represent the interdependencies determined for the plurality of observables.

US Pat. No. 10,367,838

REAL-TIME DETECTION OF ABNORMAL NETWORK CONNECTIONS IN STREAMING DATA

NEC CORPORATION, (JP)

1. A method for detecting anomalous network activity, comprising:determining that a network event does not exist within an existing topology graph, which records normal states of network connections among hosts in the network, and port graph, which records a relationship between a connection-initiating process and a destination port;
determining a connection probability for the network event using a processor;
determining that the connection probability is below a threshold to identify the network event as abnormal; and
responding to abnormal network events in real-time.

US Pat. No. 10,367,837

OPTIMIZING SECURITY ANALYSES IN SAAS ENVIRONMENTS

International Business Ma...

1. A method comprising:receiving, by one or more hardware processors, a set of observables from an interfacing entity, and one or more of: a set of structured threat data and a set of unstructured threat data;
analyzing, by the one or more hardware processors, at least one of the set of observables, the set of structured threat data, and the set of unstructured threat data, wherein at least one of an observable of the set of observables, the set of structured threat data, and the set of unstructured threat data is analyzed using cognitive computing;
creating, by the one or more hardware processors, a subgraph, based, at least in part, on the analyzed at least one of the set of observables, the set of structured threat data, and the set of unstructured threat data, wherein the subgraph represents the set of observables, the set of structured threat data and the set of unstructured threat data,
wherein the subgraph is continuously updated upon receiving updates from multiple interfacing entities,
wherein the subgraph provides a solution for at least one of: malicious software and a malicious connection to a Uniform Resource Locator (URL), an internet protocol (IP) address, a hash, or a computer file,
wherein the subgraph further provides the solution on a user interface in an interactive format for a user, and
wherein the solution comprises a link to a downloadable security patch and information detailing instructions to install the security patch;
transferring, by the one or more hardware processors, the subgraph through intelligent traversals to the interfacing entity;
displaying, by the one or more hardware processors, the subgraph on the user interface; and
responsive to the user interacting with the link, installing and initiating, by the one or more hardware processors, the security patch on the interfacing entity.

US Pat. No. 10,367,836

METHOD AND APPARATUS FOR DETECTING ABNORMAL STATE OF BEACON DEVICE IN WIRELESS MESH NETWORK AND RECORDING MEDIUM STORING COMPUTER PROGRAM FOR EXECUTING THE METHOD

SK PLANET CO., LTD., Seo...

7. A service device for providing service information corresponding to beacon identification information to a plurality of user terminal devices through a communication network, the service device comprising:a communicator configured to:
communicate with a beacon device and the user terminal device, respectively; and
collect information regarding service traffic of the beacon device;
a processor configured to:
collect statistical data regarding the service traffic of the beacon device in a normal state;
monitor service traffic generated between the service device and the plurality of user terminal devices;
determine a state of the beacon device corresponding to the beacon identification information based on a variation of an amount of service traffic, wherein the beacon identification information is assigned to each beacon device;
receive, from the user terminal device, a service request based on the beacon identification information;
identify the service information stored in a memory that is corresponding to the beacon identification information; and
transmit, to the user terminal device, the identified service information corresponding to the beacon identification information; and
the memory configured to:
store the service information corresponding to the beacon identification information; and
store an average amount of the service traffic of the beacon device in the normal state based on the collected statistical data, wherein
the communicator is further configured to periodically receive, from the beacon device, a state check message; and
the processor is further configured to:
determine whether the service traffic of the beacon device is valid based on the received state check message; and
control the beacon device such that the beacon device changes channels.

US Pat. No. 10,367,835

METHODS AND APPARATUS FOR DETECTING SUSPICIOUS NETWORK ACTIVITY BY NEW DEVICES

EMC IP Holding Company LL...

1. A method comprising:obtaining network event data for a given entity, wherein said given entity comprises one of a user and a user device;
determining, using at least one processing device, a number of distinct other entities associated with said given entity during a predefined short time window, wherein said distinct other entities comprise user devices used by said user if said given entity comprises a user and comprise users of the user device if said given entity comprises a user device;
determining, using the at least one processing device, a number of distinct other entities associated with said given entity during a predefined longer time window, wherein said predefined longer time window is longer than said predefined short time window;
assigning, using the at least one processing device, a risk score to said given entity by one or more of (i) evaluating said number of distinct other entities associated with said given entity during said predefined short time window relative to said number of distinct other entities associated with said given entity during said predefined longer time window, and (ii) evaluating said number of distinct other entities associated with said given entity during said predefined short time window relative to a predefined number; and
detecting, using the at least one processing device, anomalous network activity by said given entity based on said assigned risk score.

US Pat. No. 10,367,834

SYSTEMS AND METHODS FOR IMPLEMENTING INTRUSION PREVENTION

CloudPassage, Inc., San ...

1. A computer system comprising:one or more processing units;
memory storing one or more programs for execution by the one or more processors, the one more programs comprising:
instructions for receiving data collected at one or more remote computing assets;
instructions for obtaining a plurality of workflow templates, wherein each respective workflow template in the plurality of workflow templates corresponds to a different threat vector in a plurality of threat vectors and wherein each respective workflow template in the plurality of workflow templates comprises: (i) a trigger definition, (ii) an authorization token, and (iii) an enumerated countermeasure responsive to the corresponding threat vector; and
instructions for identifying an active threat by comparing the data collected at the one or more remote computing assets against the trigger definition of respective workflow templates in the plurality of workflow templates, wherein, when a match between the data collected at the one or more remote computing assets and a specific trigger definition of a corresponding specific workflow template is identified, an active threat is deemed to be identified, and the instructions for identifying further comprise:
(A) enacting the authorization token of the corresponding workflow template, wherein the enacting comprises:
(a) obtaining authorization from a first authorization contact associated with the corresponding workflow template, the obtaining (a) comprising (i) pushing an alert regarding the corresponding workflow template through a first established trust channel to a first remote device associated with the first authorization contact without user intervention by the first authorization contact, wherein the first remote device is other than the one or more remote computing assets, and (ii) receiving a first indication to proceed from the first authorization contact, and
(b) obtaining authorization from a second authorization contact associated with the corresponding workflow template, by a method comprising (i) pushing the alert regarding the corresponding workflow template through a second established trust channel to a second remote device associated with the second authorization contact without user intervention by the second authorization contact, wherein the second remote device is other than the one or more remote computing assets and wherein the second remote device is other than the first remote device, and (ii) receiving a second indication to proceed from the second authorization contact,
(c) pushing the alert to a plurality of authorization contacts, wherein the plurality of authorization contacts consists of three of more authorization contacts and includes the first and the second authorization contacts,
(B) responsive to satisfactory completion of authorization protocol, wherein satisfaction of the authorization protocol requires receiving an indication to proceed from more than a predetermined number of authorization contacts in the plurality of authorization contacts, including the first and the second indication to proceed, wherein the predetermined number of authorization contacts is less than the number of authorization contacts in the plurality of authorization contacts, executing the enumerated countermeasure of the corresponding workflow template, and
(C) originating or maintaining the established first trust channel by:
receiving a request from a security control module running within an operating system on the first remote device, wherein the request includes a policy identifier that identifies a security policy,
generating a unique agent identity token, which includes a cryptographic key,
transmitting the unique agent identity token to the security control module,
selecting a set of commands according to the identified security policy, based on (i) a current state of the operating system, (ii) a current state of the security control module, and, optionally (iii) a current state of one or more applications running in the operating system on the first remote device,
placing the set of commands in a command queue for retrieval and execution by the first remote device,
receiving data from the first remote device responsive to execution of the set of commands on the first remote device, and
using the data to originate or maintain the first established trust channel with the first remote device.

US Pat. No. 10,367,833

DETECTION OF FORBIDDEN SOFTWARE THROUGH ANALYSIS OF GUI COMPONENTS

International Business Ma...

1. A computer-implemented method for controlling execution of a computer program, upon the computer program being executed on a computer system, the method comprising:detecting structural elements of a graphical user interface of the computer program, the structural elements of the graphical user interface of the computer program comprising a number of menu items in the graphical user interface, a type of each menu item in the graphical user interface, a structure of elements of a toolbar of the graphical user interface, and a number of elements of the toolbar of the graphical user interface;
comparing the detected structural elements with each signature of a set of stored signatures, each signature comprising structural elements of a graphical user interface of allowed computer programs, the structural elements of the graphical user interface of each allowed computer program comprising a number of menu items in the graphical user interface, a type of each menu item in the graphical user interface, a structure of elements of a toolbar of the graphical user interface, and a number of elements of the toolbar of the graphical user interface, wherein each signature of the set of stored signatures is generated based on the structural elements of the graphical user interface of an associated allowed computer program by the method comprising:
generating a complexity factor using the structural elements of the graphical user interface of the associated allowed computer program, wherein one or more of the structural elements are weighted such that at least one structural element is weighted more than one other structural element;
comparing the generated complexity factor to a predefined threshold value;
responsive to the complexity factor exceeding the predefined threshold value, generating the signature; and
responsive to the complexity factor failing to exceed the pre-defined threshold value, rejecting the generation of the signature; and
upon failing to find a matching signature among the set of stored signatures when comparing, inhibiting further executing of the computer program.

US Pat. No. 10,367,832

REACTIVE VIRTUAL SECURITY APPLIANCES

Rapid7, Inc., Boston, MA...

1. A method for monitoring network activity, the method comprising:deploying at least a first virtual security appliance simulating a service to a location on a network corresponding to a physical location;
receiving data regarding an attack on the first virtual security appliance, wherein the attack targets the simulated service;
deploying at least one subsequent virtual security appliance simulating the targeted service to the location on the network corresponding to the physical location in response to the attack; and
alerting a user of the targeted service in the physical location about the attack on the first virtual security appliance targeting the service, wherein the user is alerted about the attack based on the user being in the physical location of the attack and based on the user using the targeted service.

US Pat. No. 10,367,831

SYSTEMS, METHODS, AND DEVICES FOR DEFENDING A NETWORK

1. A system, comprising:a memory that stores instructions; and
a processor that executes the instructions to perform operations, the operations comprising:
determining if greater than a configurable amount of network traffic during a time period comprises attack traffic, wherein the network traffic is addressed to a target;
assessing an existing route and next hop for the network traffic;
inserting a route to a backbone network ingress point comprising a longer prefix than the existing route and a next hop address associated with the scrubbing complex, thereby causing the route to be a more specific route than the existing route;
redirecting, if greater than the configurable amount of the network traffic is determined to comprise the attack traffic, a portion of the attack traffic to a scrubbing complex by using the route;
transmitting, to the target, scrubbed attack traffic from the scrubbing complex; and
ranking, by utilizing statistics determined by the scrubbing complex, a plurality of ingress points contributing to the attack traffic and ranking each traffic of the attack traffic contributing to the attack traffic, wherein the statistics specify an amount of the network traffic that each ingress point of the plurality of ingress points contributes to the attack traffic.

US Pat. No. 10,367,830

SECURITY ACTION OF NETWORK PACKET BASED ON SIGNATURE AND REPUTATION

TREND MICRO INCORPORATED,...

1. A device comprising a hardware processor and a memory, the memory comprising instructions that, when executed by the hardware processor, cause the device to:determine a reputation of an entity associated with a network packet;
determine whether a signature matches the network packet or associated flow of the network packet, wherein the signature that matches the network packet or associated flow of the network packet is a partial or full match of a malware; and
determine a security action based on the reputation of the entity associated with the network packet and the signature that matches the network packet or associated flow of the network packet.

US Pat. No. 10,367,828

ACTION RESPONSE FRAMEWORK FOR DATA SECURITY INCIDENTS

International Business Ma...

1. A method for responding to data security incidents in an enterprise network, comprising:storing, in an incident manager, information concerning the data security incidents, the information being one or more incident objects, wherein at least one incident object includes information for at least one data security incident, and one or more incident artifacts that include information for data resources identified within the incident object, wherein the incident objects and the incident artifacts are organized as an object-oriented inheritance hierarchy with the incident artifacts distinct from the incident objects;
comparing the information to a set of action conditions to determine action conditions satisfied by at least some of the information;
combining into a message contents of any incident object and incident artifact associated with a satisfied action condition;
providing the message to one or more devices, wherein at least one device includes a message interface that receives the message over a virtual connection established between the incident manager and the message interface; and
executing actions that reference the information on the one or more devices.

US Pat. No. 10,367,827

USING NETWORK LOCATIONS OBTAINED FROM MULTIPLE THREAT LISTS TO EVALUATE NETWORK DATA OR MACHINE DATA

SPLUNK INC., San Francis...

1. A computer-implemented method for identifying notable events in a set of events to facilitate identification of computer or network security-related events, the set of events including a plurality of subsets of events, an event in the set of events comprising a portion of raw machine data representing activity involving at least one host in a plurality of hosts distributed across an enterprise's network, the method comprising:accessing a plurality of threat location lists from third-party sources;
receiving, from a user:
(i) criteria for at least one correlation search for notable events that occur on the enterprise's network, and
(ii) designation of a set of threat location lists from the accessed plurality of threat location lists;
generating an aggregated threat location list by merging and deduplicating the designated set of threat location lists from the plurality of threat location lists, the aggregated threat list stored in an index;
in response to receiving the criteria for the at least one correlation search, for a subset of events in the set of events:
extracting a network location and values for one or more fields identified in the criteria from at least one event in the subset of events, at analysis time, by using an extraction rule or regular expression that is associated with an identified field and with the subset of events, the extraction rule or regular expression defining how to extract the network location from the portion of raw machine data, and
determining notable events based on the criteria by determining that:
(i) the extracted network location for the at least one event in the subset of events matches a threat location in the aggregated threat location list stored in the index, and
(ii) the extracted values for the one or more identified fields for the at least one event in the subset of events match user-specified values in the criteria;
generating, for each of a plurality of threat locations from the aggregated threat location list, a count of events from the identified notable events that include a network location matching the threat location; and
causing display of a graphical user interface (GUI) including at least one interface element indicating an amount of activity associated with threat locations from the aggregated threat location list, the amount of activity based on the generated count of events, from the determined notable events, for each of the plurality of threat locations from the aggregated threat location list, the amount of activity associated with threat locations used to facilitate operation performance or security associated with at least one component in an IT environment.

US Pat. No. 10,367,826

IDENTITY AND TRUSTWORTHINESS VERIFICATION USING ONLINE AND OFFLINE COMPONENTS

Airbnb, Inc., San Franci...

1. A computer implemented method, comprising:receiving, from a user, by a computer, information about an identity of the user of a first-party online system;
sending a request to a third party online system for information about the user, the third party online system different than the first-party online system;
receiving, from the third-party online system, information about activities performed by the user in the third-party online system;
determining an online trustworthiness score based at least on the information about the activities performed by the user in the third-party online system, wherein determining the online trustworthiness score comprises:
identifying a most recent update in a user profile associated with the user in the third-party online system,
determining an amount of time since the most recent update, and
in response to the amount of time not exceeding a threshold amount of time, determining the online trustworthiness score at least based on the amount of time;
sending a request to one or more databases for information associated with the identity of the user;
receiving, from the one or more databases, offline information about the user;
determining an offline trustworthiness score based on the offline information;
determining a trustworthiness score based on the online trustworthiness score and the offline trustworthiness score; and
responsive to determining that the trustworthiness score of the user is below a threshold value, blocking an interaction of the user with another user in the first-party online system.

US Pat. No. 10,367,825

METHOD AND SYSTEM FOR PARALLEL VALIDATION OF DOMAIN NAME SYSTEM SECURITY EXTENSION RECORDS

VERISIGN, INC., Reston, ...

1. A parallelized method for authenticating a domain name system (DNS) query using domain name system security extensions (DNSSEC), the method comprising:obtaining, at a validating DNSSEC-aware DNS client, a DNS query for a resource record for a fully qualified domain name (FQDN);
segmenting the FQDN into more than one specific sub-FQDN;
providing, in parallel, a DNS query for a DNSSEC-related resource record for each of the more than one specific sub-FQDN to a respective authoritative name server or recursive resolver;
obtaining, in parallel, the DNSSEC-related resource record for each of the more than one specific sub-FQDN;
validating, in parallel, the DNSSEC-related resource record for each of the more than one specific sub-FQDN;
combining each of the DNSSEC-related resource records for each of the more than one specific sub-FQDN; and
verifying a chain of trust of the DNSSEC-related resource records.

US Pat. No. 10,367,824

POLICY MANAGEMENT, ENFORCEMENT, AND AUDIT FOR DATA SECURITY

BlueTalon, Inc., Redwood...

1. A method, comprising:receiving, by a policy enforcement point of a policy appliance, a data request from an application, the request including a user specification specifying the user and a data specification specifying a data item to be accessed, the policy enforcement point being connected to a first database having a first database format and a second database having a second database format;
submitting, by the policy enforcement point, the user specification and the data specification to a policy decision point of the policy appliance, the policy decision point being configured to decide whether the user is permitted to access at least a portion of the data item according to a policy that defines an access privilege of the user on data;
receiving, by the policy enforcement point and from the policy decision point, a data access decision that is made by the policy decision point according to the policy, the data access decision specifying that the user is permitted to access a portion of the data item;
customizing, by the policy enforcement point, the data request for each of the databases based on the data access decision and a respective database format, including changing the data request into a first customized query according to the first database format and changing the data request into a second customized query according to the second database format, the customized query preventing at least a first portion of the data item from being retrieved from the databases;
retrieving, by the policy enforcement point, a second portion of the data item from the databases as a response to the customized query, the second portion being different from the first portion; and
providing, by the policy enforcement point to the application, the second portion of the data item,
wherein the policy appliance, including the policy decision point, and the policy enforcement point, executes in a container on a system that includes one or more computer processors.

US Pat. No. 10,367,823

AUGMENTED AND VIRTUAL REALITY BASED PROCESS OVERSIGHT

The Toronto-Dominion Bank...

1. A system at a second location, the system comprising:a memory;
a communications module; and
at least one hardware processor interoperably coupled with the memory and the communications module, the at least one hardware processor configured to:
monitor, from the second location remote from a first location, a process-based operation performed at the first location;
receive, at the second location and via the communications module, a first signal from the first location indicating availability for oversight of the process-based operation, wherein the first signal is associated with an automatic request for oversight to the system at the second location generated by an application being executed at the first location, wherein the application is associated with the execution of the process-based operation, and wherein the application identifies a particular operation of the process-based operation determined to require oversight prior to the particular operation being performed;
receive, at the second location and via the communications module, a second signal from the first location including contextual data from at least one data source located at the first location associated with a current state of the process-based operation associated with the particular operation;
identify a user at the first location associated with the execution of the application and the process-based operation;
determine a plurality of users associated with the second system authorized to perform oversight to the particular operation being performed and associated with the identified user; and
based on a set of prioritization rules, identify a particular one of the determined plurality of users as a supervising user to which the oversight is assigned;
identify, at the second location and for execution at the first location, a set of instructions associated with the current state of the process-based operation at the first location as provided by the supervising user; and
send, via the communications module, a third signal including the set of instructions as provided by the supervising user to the first location.

US Pat. No. 10,367,822

RESTRICTIVE ACCESS CONTROL FOR MODULAR REFLECTION

Oracle International Corp...

1. A non-transitory computer readable medium comprising instructions which, when executed by one or more hardware processors, cause performance of steps comprising:identifying an operation, expressed in a first module, wherein execution of the operation requires access to a module element of a second module;
wherein, in absence of any modular boundary associated with the module element, a non-module-specific accessibility configuration associated with the module element controls the access to the module element;
wherein, if a module boundary associated with the module element is present, the non-module-specific accessibility configuration associated with the module element controls the access to the module element if the module boundary associated with the module element permits the access to the module element;
determining that the operation is associated with a highest possible level of non-module-specific access;
determining whether the module element is exposed by the second module to the first module based on the module boundary associated with the module element;
responsive to determining that the module element is not exposed by the second module to the first module based on the module boundary associated with the module element: prohibiting the operation.

US Pat. No. 10,367,821

DATA DRIVEN ROLE BASED SECURITY

MICROSOFT TECHNOLOGY LICE...

1. A computer system comprising:one or more hardware processors;
system memory coupled to the one or more hardware processors, the system memory storing instructions that are executable by the one or more hardware processors; and
the one or more hardware processors executing the instructions stored in the system memory to control performance of a requested user operation, including the following:
determine if the requested user operation can access data on behalf of a user based on user context associated with the user retrieved from an electronic data source, the user context identifying a location of an object representing the user relative to other objects within a hierarchical data structure, the hierarchical data structure organized at least in part based on an organizational structure of an organization;
use the user context to dynamically derive a role for the user, wherein dynamically deriving the role for the user includes using the user context to dynamically identify a direct report of the user;
access a control expression governing performance of the requested user operation for the derived role;
form a set of permissions for the user by evaluating the control expression using the user context and a data context for the data, the data context including information in addition to or other than the data, and wherein forming the set of permissions for the user includes evaluating a location of the data in the hierarchical data structure;
determine authorization of the user to perform the requested user operation from the set of permissions; and
perform the requested user operation according to the determined authorization of the user.

US Pat. No. 10,367,820

METHODS, SYSTEMS, AND COMPUTER READABLE MEDIUMS FOR IDENTIFYING COMPONENTS OF A COMPUTING SYSTEM

VCE IP Holding Company LL...

1. A method for identifying a component of a computing system, the method comprising:starting a component with a custom basic input/output system (BIOS) extension that responds to an identification information request with identification information, wherein the component includes a virtual machine (VM) or a virtual resource associated with the virtual machine;
receiving, while the component is in a low power state, a request for identification information about the component from a requesting entity; and
after receiving the request for the identification information, the custom BIOS extension triggers a change in power state of the component prior to sending, by the component, the identification information about the component to the requesting entity, wherein the identification information includes a VM identifier or a virtual resource identifier.

US Pat. No. 10,367,819

STREAMLINED UTILITY PORTALS FOR MANAGING DEMAND-RESPONSE EVENTS

Google LLC, Mountain Vie...

11. A device management server of an energy management system, the device management server comprising:one or more processors;
one or more memory devices comprising instructions that, when executed by the one or more processors, cause the one or more processors to perform operations comprising:
receiving, at the device management server that manages a plurality of smart-home devices, an identification of a user account, wherein:
the identification of the user account is sent from a utility provider computer system based at least in part on an agreement that a smart-home device will be enrolled in a demand-response program; and
the identification of the user account is sent to indicate to the device management server that the smart-home device should be sent to a location associated with the user account;
causing the smart-home device to be sent to the location associated with the user account;
receiving, at the device management server, an indication from the smart-home device that the smart-home device has been installed at the location associated with the user account; and
enrolling the smart-home device in the demand-response program.

US Pat. No. 10,367,818

RESPONSE TO A MACHINE-READABLE LINK

Hewlett-Packard Developme...

1. A method comprising:receiving, by a system, a user identifier and a link identifier to identify a machine-readable link in an image captured by a first device of a user;
determining, by the system, whether the user identifier indicates that the user is an administrator having an administrative privilege with respect to the machine-readable link or that the user is a consumer having a consumption privilege with respect to the machine-readable link;
in response to determining that the user identifier indicates that the user is the consumer, sending, by the system to the first device, content associated with the machine-readable link for viewing by the user on the first device; and
in response to determining that the user identifier indicates that the user is the administrator, sending, by the system to the first device, a response containing information to allow performance of management with respect to the content associated with the machine-readable link, and permitting the user to change the content associated with the machine-readable link that is viewed by the consumer.

US Pat. No. 10,367,817

SYSTEMS AND METHODS FOR CHALLENGELESS COAUTHENTICATION

University of South Flori...

1. A method of authentication, the method comprising:receiving, at an authenticator, an authentication request to access a resource, wherein the authentication request is generated by a requestor;
receiving, at a collaborator, a verification request to access the resource,
wherein the verification request is generated by the requestor and received from the requestor;
generating, at the collaborator, a participation message, wherein the participation message is generated in response to the verification request to access the resource received from the requestor and wherein the participation message is not generated in response to a challenge generated by the authenticator:
receiving, at the authenticator, the participation message generated by the collaborator in response to the verification request to access the resource generated by the requestor;
analyzing, at the authenticator computing device, the authentication request to access a resource and the participation message to determine whether the requestor should be granted access to the resource; and
granting the requesting user access to the resource when it is determined that the requesting user should be granted access to the resource based upon the analysis of the authentication request to access a resource and the participation message.

US Pat. No. 10,367,816

INVALIDATION OF AN ACCESS TOKEN

International Business Ma...

1. A computer-implemented method for invalidating an access token, the method comprising:generating the access token for authorizing access to protected online resource servers and a Hyper Text Markup Language (HTML) file in response to receipt of a request for issuing the access token, wherein the HTML file comprises a set of instructions for rendering on a window in a browser, a code for generating a child segment in a memory which is controlled by the window, and a code for invalidating the access token in response to completion of rendering on the child segment, the code for invalidating the access token including a Uniform Resource Identifier (URI) for an authorization server;
sending the access token and the HTML file to the browser; and
invalidating the access token, in response to receipt, from the browser, of the code for invalidating the access token in response to completion of rendering on the child segment.

US Pat. No. 10,367,814

ENABLING USER ENTROPY ENCRYPTION IN NON-COMPLIANT MOBILE APPLICATIONS

Citrix Systems, Inc., Fo...

1. A method comprising:initializing, by a processor of a mobile device, a background process of a mobile application executing on the mobile device, wherein said initializing is in response to the mobile device being powered on, and without receiving user input indicating a request to initiate the mobile application;
determining, by the processor of the mobile device, that the background process associated with the mobile application is automatically making an initial request to access to an encrypted resource;
determining, by the processor of the mobile device, whether the mobile application has been secured with user input authentication information; and
responsive to determining, by the processor, that the background process has made the initial request and that the mobile application has not been secured:
suspending, by the processor of the mobile device, prior to receiving the user input indicating the request to initiate the mobile application, and prior to receiving the user input authentication information, the background process until the mobile application has been secured, wherein suspending the background process comprises an initial suspension of the background process and occurs prior to receiving an initial authentication attempt corresponding to the user input authentication information, wherein suspending the background process comprises suspending one or more components if the mobile application configured to access encrypted resources while allowing other components of the mobile application to continue to operation;
and transmitting, by the processor of the mobile device, a request to a mobile application management agent to secure the mobile application using the user input authentication information.

US Pat. No. 10,367,813

DISTRIBUTED AUTHENTICATION WITH THRESHOLDS IN IOT DEVICES

McAfee, LLC, Santa Clara...

1. A non-transitory computer readable medium comprising instructions which, when executed, cause at least one host device processor to at least:determine a processing resource of a child device operably coupled to the at least one host device processor;
derive simplified authentication data from sensor data from the child device, the simplified authentication data able to be processed by the processing resource of the child device to authenticate a user of the child device without analysis of the sensor data by the at least one host device processor;
store the simplified authentication data in an authentication profile for the child device; and
transmit the simplified authentication data to the child device, wherein the simplified authentication data is to allow the child device to authenticate the user without the at least one host device processor,
wherein the simplified authentication data stored in the authentication profile for the child device is to be updated by the at least one host device processor based on a change in the sensor data, the updated simplified authentication data to be provided to the child device to authenticate the user.

US Pat. No. 10,367,812

INTEGRATED SYSTEM COMPONENT AND ELECTRONIC DEVICE

Vivint, Inc., Provo, UT ...

1. A computer-implemented method for implementing an integrated device, the method comprising:operating a component of a security and/or automation system, wherein the component is housed with an electronic device that is connected to electrical wiring of a building, wherein the component comprises one or more sensors capable of monitoring for voice command parameters;
receiving, via the component, a voice command from a user of the security and/or automation system;
determining an identity of the user of the security and/or automation system based at least in part on the received voice command and a voice profile;
determining a set of commands associated with the identity of the user;
determining that the voice command is included within the set of commands;
generating, by the component of the security and/or automation system, instructions corresponding to the voice command based at least in part on the determination that the voice command is included within the set of commands;
communicating the instructions between the component and a control panel of the security and/or automation system based at least in part on the determined identity of the user of the security and/or automation system; and
providing power to the electronic device through the electrical wiring based at least in part on the communicating the instructions between the component and the control panel of the security and/or automation system, wherein the electronic device provides power to the one or more sensors included in the component.

US Pat. No. 10,367,811

METHODS FOR INTERNET COMMUNICATION SECURITY

Stealthpath, Inc., Resto...

1. A product for securing communications of a plurality of networked computing devices, the product comprising a non-transitory computer-readable storage medium having computer-readable program code embodied therein, the computer-readable program code executable by a first computing device of the plurality of network computing devices to perform communication management operations, the communication management operations comprising:i) forming a configured communication pathway by configuring a pre-established communication pathway to exclusively communicate application data between a first user-application on the first computing device and a second user-application on a second computing device of the plurality of network computing devices, the first user-application operated by a first user and the second user-application operated by a second user, the configuring comprising:
a) sending a first configuration packet from the first computing device to the second computing device via the pre-established communication pathway, the first configuration packet containing a nonpublic first device identifier for the first computing device in an application layer portion of the first configuration packet;
b) receiving a second configuration packet from the second computing device, the second configuration packet containing a nonpublic second device identifier for the second computing device in an application layer portion of the second configuration packet;
c) confirming, in a kernel space of the first computing device, that the second computing device is authorized to communicate with the first user-application, comprising: matching the nonpublic second device identifier to a preconfigured nonpublic second device code for the second computing device;
d) further sending a third configuration packet from the first computing device to the second computing device via the pre-established communication pathway, the third configuration packet containing a nonpublic first user-application identifier in an application layer portion of the third configuration packet, wherein the nonpublic first user-application identifier is exclusive to the first user-application and the second user-application;
e) further receiving a fourth configuration packet from the second computing device, the fourth configuration packet containing a nonpublic second user-application identifier in an application layer portion of the fourth configuration packet; and ii) preventing any transport layer ports used by the configured communication pathway from being used by any other communication pathway.

US Pat. No. 10,367,810

ELECTRONIC SUBSCRIBER IDENTITY MODULE (ESIM) INSTALLATION AND TESTING

Apple Inc., Cupertino, C...

1. A method comprising:at an embedded Universal Integrated Circuit Card (eUICC):
in a first installation session, installing to a memory of the eUICC an eSIM based on an eSIM package received from an eSIM server;
in a second installation session:
bypassing an authentication of the eSIM server; and
installing to the memory the eSIM based on the eSIM package captured by test equipment.

US Pat. No. 10,367,809

DEVICE REGISTRATION, AUTHENTICATION, AND AUTHORIZATION SYSTEM AND METHOD

Level 3 Communications, L...

1. A system, comprising:a server comprising at least one processor to:
receive a registration request, the registration request comprising a representation of a username and a password;
verify the username and the password and transmit a one-time-use password;
receive the one-time-use password and first device identifier information from a mobile computing device;
receive an access request from the mobile computing device comprising the representation of the username and the password, second device identifier information, and application key information;
verify the username, the password, the second device identifier information, and the application key information at the server, and transmit a token to the mobile computing device;
receive a resource request from the mobile computing device comprising the token and third device identifier information;
verify the token and the third device identifier information; and
transmit information associated with the resource request to the mobile computing device.

US Pat. No. 10,367,808

CONTEXTUAL AND TIME SENSITIVE OUT OF BAND TRANSACTIONAL SIGNING

WELLS FARGO BANK, N.A., ...

1. A system, comprising:a processor that executes the following computer executable components stored in a memory:
a machine learning and reasoning component that employs automated learning and reasoning procedures in connection with determining a level of actions to complete an authentication;
a security manager component that transmits the determined level of actions in response to an indication of a transaction attempt, wherein the indication is received over a first communications channel and at least one of the actions of the level of actions are transmitted over a second communications channel different from the first communications channel, wherein the different communication channels are channels between a same communication pair; and
an authorization manager component that analyzes a reply to the determined level of actions and selectively allows the transaction based on the analysis, wherein the analysis makes use of the machine learning and reasoning component in connection with determining whether a user device may be authenticated for the transaction attempt.

US Pat. No. 10,367,807

SECURELY SHARING CONFIDENTIAL INFORMATION IN A DOCUMENT

International Business Ma...

1. A computer program product for securely sharing confidential information in a document, the computer program product comprising a computer readable storage medium having program code embodied therewith, the program code executable to:set, by a first computer, one or more confidential attributes of the confidential information in the document, the one or more confidential attributes including one or more visibility levels of the confidential information and one or more authorization levels of access to the confidential information;
create, by the first computer, metadata of the confidential information, the metadata including information of the one or more confidential attributes;
create, by the first computer, a first file including the confidential information and the metadata;
create, by the first computer, a second file including non-confidential information in the document and the metadata, the metadata in the second file being as a reference to the confidential information;
generate, by the first computer, a hash value from the second file;
request, by the first computer, a user of the first computer to enter a password;
determine, by the first computer, whether the user of the first computer enters the password;
create, by the first computer, a key for encryption, based on the hash value, in response to determining that the user of the first computer does not enter the password;
create, by the first computer, the key for the encryption, by combing the hash value and the password, in response to determining that the user of the first computer enters the password;
encrypt, by the first computer, with the key for the encryption, the confidential information to generate encrypted confidential information;
write, by the first computer, the encrypted confidential information into the first file;
wherein the confidential information in the first file is displayed by a second computer at a confidential information visibility level in accordance with an authorization level of an authorized user of the second computer; and
wherein the second file is displayed at a visibility level of showing no confidential information, wherein the second file is accessible by all users.

US Pat. No. 10,367,806

MANAGING AND SECURING MANAGEABLE RESOURCES IN STATELESS WEB SERVER ARCHITECTURE USING SERVLET FILTERS

International Business Ma...

1. A computer-based method comprising:in a stateless web server:
extracting, by a computer, a request pattern from a valid relative path portion of a validly-formatted Uniform Resource Locator request;
mapping, by a computer, at least a portion of the extracted request pattern to one or more application program components;
responsive to the mapping, performing, by a computer, security access to the one or more application program components according to one or more associated security constraints, wherein at least one security constraint comprises at least a portion of the extracted request pattern, and wherein different security constraints are associated with different extracted request patterns; and
sending, by a computer to a requester, a Uniform Resource Locator request to the mapped application program component, thereby providing improved management to administration of computer resources in a stateless web server which are non conformant to rules of a central administration unit.

US Pat. No. 10,367,805

METHODS FOR DYNAMIC USER IDENTITY AUTHENTICATION

AirSig Inc., Grand Cayma...

1. A method for dynamic user Identity authentication, configured to authenticate the identity of a user of a login device during a login process, comprising the steps of,using a web server to receive an access request from the login device;
using the web server to generate a resource address information and a session identifier (session ID) based on the access request and transfer the resource address information and the session ID to the login device;
using the login device to generate an initiation signal comprising the resource address information and the session ID and transfer the initiation signal to a signing device;
using the signing device to perform an air signature procedure based on the initiation signal for generating a target signature, wherein the signing device comprises a motion sensor, the motion sensor comprises an accelerometer and a gyroscope and is configured to detect a motion feature of the signing device, the motion feature comprises a movement direction, acceleration and angular velocity, the air signature procedure is performed to measure acceleration readings of the signing device in each axis by the accelerometer, measure the angular velocity of the signing device in each axis by the gyroscope, and calculate the movement direction and the acceleration according to the acceleration readings;
using a determination module to compares the movement direction, acceleration and angular velocity of the target signature with a movement direction, acceleration and angular velocity of a pre-stored reference signature, calculate a similarity between the target signature and the reference signature, determine that the target signature matches with the reference signature when the similarity is greater than a threshold, generate an authentication information according to whether the target signature matches with the reference signature, and transfer the authentication information to the web server, wherein the authentication information comprises a signature similarity information and the session ID; and
using the web server to determine whether the access request is to be granted based on the authentication information.

US Pat. No. 10,367,804

TRUST METRICS ON SHARED COMPUTERS

Facebook, Inc., Menlo Pa...

1. A method comprising:by a verification authority associated with a virtualized computing resource, receiving a request to access the virtualized computing resource, wherein the request comprises authentication data uniquely identifying a user associated with a client device, wherein the request was generated by the client device;
by the verification authority, accessing a social graph of the user associated with the client device to determine whether one or more social-networking users have previously accessed a shared device, and wherein the shared device is configured for use by a plurality of social-networking users;
by the verification authority, verifying the user associated with the client device is allowed to access the virtualized computing resource based on the authentication data received from the client device and information from the social graph indicating at least one or more of the social-networking users have previously accessed the shared device; and
by the verification authority, upon verifying the user associated with the client device is allowed to access the virtualized computing resource, sending a digital certification to the client device allowing the client device access to the virtualized computing resource.

US Pat. No. 10,367,803

MANAGED OPEN SOURCE MEDICAL DEVICES

1. A method of maintaining electronic access to a medical device, comprising:storing an application in code storage for the medical device,
storing one or more custodian certificates in certificate storage for the medical device,
receiving a signed request to update code for the application stored in the code storage for the medical device,
authenticating the signed update request with at least one of the stored custodian certificates,
adding a further custodian certificate to the certificate storage for the medical device,
authenticating the further custodian certificate based on at least one of the stored custodian certificates,
receiving an additional signed request to update code for the application stored in the code storage for the medical device, and
authenticating the additional signed update request with at least the added authenticated custodian certificate.

US Pat. No. 10,367,802

DESKTOP APPLICATION FULFILLMENT PLATFORM WITH MULTIPLE AUTHENTICATION MECHANISMS

Amazon Technologies, Inc....

1. A system, comprising:one or more computing devices that implement a fulfillment platform for a service provider, wherein the fulfillment platform is configured to:
receive a request from an agent installed on a computing resource instance of a user, wherein the computing resource instance comprises a virtualized computing resource instance or a virtual desktop instance implemented on one or more resources of the service provider, and wherein the request comprises a request to subscribe to an application, a request to unsubscribe from an application, or a request to install, uninstall, or reinstall an application on the computing resource instance;
validate an identity of the computing resource instance and a credential for the computing resource instance, or validate an identity of the user and a credential for the user; and
in response to validation of the identity and the credential for the computing resource instance or for the user, process the request.

US Pat. No. 10,367,801

SYSTEMS AND METHODS FOR CREDENTIALING OF NON-LOCAL REQUESTORS IN DECOUPLED SYSTEMS UTILIZING A DOMAIN LOCAL AUTHENTICATOR

OPEN TEXT SA ULC, Halifa...

1. A system, comprising:a domain, including:
a processor coupled to a memory,
a set of resources,
the processor executing instructions implementing a local domain authenticator for:
providing a member credential to use in accessing the set of resources of the domain during a session,
authenticating the member credential associated with the domain; and
a remote authenticator, for:
providing the member credential to a non-local requestor which is not a member of the domain by:
receiving an authentication request from the non-local requestor outside the domain, wherein the request is to be authenticated for accessing the set of resources,
authenticating the non-local requestor using the authentication request, wherein authenticating the non-local requestor comprises establishing a secure channel with the non-local requester based on a unique previously provisioned domain key associated with both that domain and the non-local requestor,
accessing the local domain authenticator to obtain the member credential associated with the domain, and
providing the member credential to the non-local requester, wherein the non-local requester can access the set of resources of the domain during a session maintained between the non-local requester and the domain using the member credential and authentication of an access of the non-local requester to the set of resources during the session is performed using the local domain authenticator and the member credential.

US Pat. No. 10,367,800

LOCAL DATA AGGREGATION REPOSITORY

MX TECHNOLOGIES, INC., L...

1. An apparatus comprising:a hardware device comprising a local repository of data aggregated, for a user, from a plurality of third party service providers;
the hardware device comprising a local authentication module configured to secure, on the hardware device, the aggregated data and electronic credentials of the user for the plurality of third party service providers; and
the hardware device comprising an interface module configured to provide access controls to the user, the access controls defining which of a plurality of other third party service providers the user authorizes to access the aggregated data, and to provide the aggregated data to the authorized other third party service providers.

US Pat. No. 10,367,799

SYSTEMS AND METHODS FOR DETERMINING AN AUTHENTICATION ATTEMPT THRESHOLD

PAYPAL, INC., San Jose, ...

1. A system, comprising:a non-transitory memory; and
one or more hardware processors coupled to the non-transitory memory and configured to read instructions from the non-transitory memory to cause the system to perform operations comprising:
accessing an authentication attempt history for a user that details a plurality of previous authentication attempts with a secure system using a username associated with the user;
determining, based on the authentication attempt history, a threshold number N of consecutive failed authentication attempts that will be allowed by the secure system using the username before a successful authentication attempt must be received, the threshold number N for the user being different from a threshold number M for a different user, N and M being integers with values of two or larger;
receiving a plurality of subsequent authentication attempts with the secure system using the username; and
performing a security action when the plurality of subsequent authentication attempts using the username includes N consecutive authentication attempts that are also failed authentication attempts.

US Pat. No. 10,367,798

COMMUNICATIONS DEVICE, SYSTEM AND METHOD

Nettoken Limited, London...

1. A contactless communications device comprising:one or more near-field communication (NFC) chips each configured to store information and be read by a corresponding NFC reader; and
a selection means, provided on the contactless communications device, for selectively activating one or more of said chips, the selection means being movable relative to the one or more NFC chips to an activation position aligned with a location of one of said NFC chips from which information is desired to be read, and also to one or more other authentication positions to authenticate the device to enable said information to be read when said selection device is placed in said activation position;
wherein, in use, a said NFC reader can read information from one or more of said chips only when selected and activated and when in NFC reading range, and the communications device is configured to permit data to be read from one or more of said chips only when an authentication is performed utilising the selection means in range of a said NFC chip reader, wherein the authentication comprises determining that detecting a position of the selection means has been moved to one or more predefined authentication positions relative to the one or more NFC chips.

US Pat. No. 10,367,797

METHODS, SYSTEMS, AND MEDIA FOR AUTHENTICATING USERS USING MULTIPLE SERVICES

The Trustees of Columbia ...

1. A method for authenticating a user using multiple services, the method comprising:receiving, from a client device, first user-entered credentials for a target service account;
authenticating the target service account based on the first user-entered credentials;
issuing a redirecting request that directs the client device to at least one vouching service in response to authenticating the target service account;
receiving a vouching response indicating that the client device has authenticated a vouching service account with the at least one vouching service by providing second user-entered credentials to the vouching service, wherein the vouching response includes a vouching token, and wherein the second user-entered credentials are different from the first user-entered credentials;
determining, using a hardware processor, whether the vouching service account is associated with the target service account based on the vouching token; and
providing the client device with access to the target service account in response to (1) authenticating the target service account based on the first user-entered credentials, (2) receiving the vouching response indicating that the client device has authenticated the vouching service account with the at least one vouching service, and (3) determining that the vouching service account is associated with the target service account.

US Pat. No. 10,367,796

METHODS AND APPARATUS FOR RECORDING A CHANGE OF AUTHORIZATION STATE OF ONE OR MORE AUTHORIZATION AGENTS

Cygnetise Limited, Londo...

1. A method of recording a change of authorization state of one or more authorization agents, the method comprising:establishing a copy of a blockchain ledger at each of a plurality of blockchain nodes, wherein each of the blockchain nodes is associated with a different controlling entity;
providing a public key/private key pair for a first of the blockchain nodes, the private key being for storage in, or in a manner accessible to, a communication device associated with a first controlling entity;
receiving, from the communication device, a first message comprising:
first data indicative of a change of authorization state of a first authorization agent associated with the first controlling entity, the first data being encrypted; and
a digital signature based on the blockchain ledger and the private key;
authenticating the first message using the public key;
adding a block to the blockchain ledger based on the first message to generate a new blockchain ledger that records the change of authorization state of the first authorization agent; and
outputting a copy of the new blockchain ledger for distribution to another blockchain node of the plurality of blockchain nodes.

US Pat. No. 10,367,795

VEHICLE WIRELESS INTERNET SECURITY

International Business Ma...

1. A method comprising:receiving, by one or more processors, a connection request from a mobile device;
transmitting, by one or more processors, a data request to the mobile device, wherein the data request comprises a request for location-based data of the mobile device;
receiving, by one or more processors, a first data from the mobile device, wherein the first data corresponds to the data request;
generating, by one or more processors, a vehicle data, wherein the vehicle data comprises location-based data of the vehicle;
determining, by one or more processors, whether the first data matches the vehicle data, wherein a match is determined where the location-based data of the mobile device is within a pre-determined threshold of the location-based data of the vehicle; and
re-authenticating, by one or more processors, the mobile device, by:
transmitting, by one or more processors, a second data request from the mobile device, wherein the second data request comprises a request for an updated velocity of the mobile device;
receiving, by one or more processors, a second data from the mobile device, wherein the second data corresponds to the second data request;
re-generating, by one or more processors, the vehicle data, including generating an updated velocity of the vehicle; and
determining, by one or more processors, whether the second data matches the vehicle data based, at least in part, on the updated velocity of the mobile device and updated velocity of the vehicle.

US Pat. No. 10,367,794

METHOD AND APPARATUS FOR SECURING A SENSOR OR DEVICE

1. An apparatus comprising:a. a sensor/device network system for communicating with at least one sensor/device;
b. the said sensor/device configured to store one or more encryption keys;
c. an IOT Equipment Registry (IER) database configured to store one or more encryption keys for the said sensor/device;
d. an IOT Access Node (IAN) configured to permit the said sensor/device access to the said sensor/device network;
e. the said sensor/device configured to generate a registration message encrypted with an encryption key from the pre-stored list, the said registration message containing at least a manufacturing serialized number;
f. the said IOT Access Node (IAN) configured to recognize the said message as a registration message;
g. additionally the said IOT Access Node (IAN) configured to forward said registration message to the said IOT Equipment Registry (IER) database;
h. the said IOT Equipment Register (IER) database including a decryption unit including a decryption method for the said registration message using said pre-stored encryption keys;
i. the said IOT Equipment Registry (IER) database including a validation unit to verify the said manufacturing serialized number and the said encryption key;
j. the said IOT Equipment Registry (IER) database further configured to forward a set of said stored encryption keys for the said sensor/device to the said IOT Access Node (IAN); and
k. the said IOT Equipment Registry (IER) database configured to return a registration acknowledgement message to the said sensor/device.